From a48a96265339f2f08fa81cc678e4d307a4997279 Mon Sep 17 00:00:00 2001 From: nickray Date: Sun, 6 Jan 2019 03:44:05 +0100 Subject: [PATCH 01/44] Fix badges and hint Python setup --- README.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index bc6c090..e95130f 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ -![GitHub](https://img.shields.io/github/license/mashape/apistatus.svg) -[![Kickstarter](https://img.shields.io/badge/kickstarter-back%20us-red.svg)](https://solokeys.com/kickstarter) +[![License](https://img.shields.io/github/license/solokeyssec/solo.svg)](https://github.com/SoloKeysSec/solo/blob/master/LICENSE) [![Build Status](https://travis-ci.com/SoloKeysSec/solo.svg?branch=master)](https://travis-ci.com/SoloKeysSec/solo) -[![Discourse Status](https://img.shields.io/discourse/https/meta.discourse.org/status.svg)](https://discourse.solokeys.com) +[![Discourse Users](https://img.shields.io/discourse/https/discourse.solokeys.com/users.svg)](https://discourse.solokeys.com) [![Keybase Chat](https://img.shields.io/badge/chat-on%20keybase-brightgreen.svg)](https://keybase.io/team/solokeys.public) @@ -44,10 +43,15 @@ cd solo cd targets/stm32l432 make cbor make all-hacker -python ../../tools/solotool.py program solo.hex +cd ../.. + +make env3 +source env3/bin/activate +python tools/solotool.py program targets/stm32l432/solo.hex ``` If you forgot the `--recurse-submodules` when cloning, simply `git submodule update --init --recursive`. + For example, if you want to turn off any blue light emission, you can edit [`led_rgb()`](https://github.com/SoloKeysSec/solo/blob/master/targets/stm32l432/src/led.c#L15) and force: ``` uint32_t b = 0; From ba4ca962533ea8fd129cf56e6fb0a60894abd0cb Mon Sep 17 00:00:00 2001 
From: int3l Date: Sun, 6 Jan 2019 20:12:33 +0200 Subject: [PATCH 02/44] Update mkdocs config - adjust the copyright text - rename and reorder some of the menu items for the sake of better SEO and user experience --- mkdocs.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mkdocs.yml b/mkdocs.yml index 508e6ec..2822e2e 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -3,18 +3,18 @@ site_author: SoloKeys site_description: 'Documentation for the SoloKeys solo software' repo_url: 'https://github.com/solokeyssec/solo' repo_name: 'solokeyssec/solo' -copyright: 'Copyright © 2018 SoloKeys' +copyright: 'Copyright © 2018 - 2019 SoloKeys' nav: - Home: index.md - - README.md: repo-readme.md - FIDO2 Implementation: fido2-impl.md + - Build instructions: building.md - Signed update process: signed-updates.md - - Building: building.md - Code documentation: code-overview.md - Contributing Code: contributing.md - Contributing Docs: documenting.md - - What the udev?!: udev.md + - udev Rules: udev.md + - About: repo-readme.md theme: name: material From 2f61c061b7c057c693b7185e5a8bf2297048e64b Mon Sep 17 00:00:00 2001 From: int3l Date: Sun, 6 Jan 2019 18:34:43 +0200 Subject: [PATCH 03/44] Add favicon asset Same asset icon file as solokeys.com --- docs/images/favicon.ico | Bin 0 -> 15086 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 docs/images/favicon.ico 
diff --git a/docs/images/favicon.ico b/docs/images/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..c5dfb6042098ffccbfc195e2cd875a44dc902915 GIT binary patch literal 15086 zcmZQzU}RusFfaho3Jfb$85qnM7#I{3pnL%ahI^_E3<3fWeg+EzLz@``g9ZZwg8>5r zLjnUtoB;$>K*T5>i6Nkh*5d3oh#1$pKFigGHU$l{c;6%`fD6cm&_#KrZv@tFlvCo8L>3{$5h zqok@RryM6QuiUL5r(7m4uWSXAL#MSxwRsfel|L!SE1yM|L*g?k$tn5B%PUta$SF@( zP*7=kWHS4x7(D=RCDf$|_o zA508JD=4V=gVZa?Der)ZA=9|r54H2Vyu9*fQ24;~$jd7&2AL->uN17HplW~%L-Pq( zo1(nZ6p$We8D&swfC-u&kAo$#5c2Zsit_Tx#n89}<*|PX3d-SFlrq5F4=O`o@}RI& zkXOD6vJ;eUVd5ZKK|yH~SX^HDKVDi+sT`zUN=k}LL0AU=o&@j)0=)`7$n6qF}|_#mt(uUrBalUIHwFRwgVQBK7d z6pkP{d>H0_P<{mKms8paqUGh4Z-de@x?Wg%#8$?D)I!7W52!o@^W{`dD#$B+K{rc5 zLHU$|yz)C(S*swgd=!-L(aTmjIb~}F1(gOxMMZs(dFUACesDU5x*b%GDak6CpsR)Q z8Np?Vyz+NwdWH%!Fv!U%8$gVKw%*-ue=+i9+Xay)giM%W+})k-vyO}pfsl_ zuaW}FKhX4gRaseC7Nj0j&O^*naRBj=F{s`EmBR{hN(VvWp!^9|E3bSFWF|C^oCS-? zDbEL~!G@9D50VF^IR$y;y&!!cH-W^kVI?Iceo&nNt#>}j%PXH&kXPzMN+(RvyuKb+ z{SS7hyz+iEDK!z09iX%c4ZkM}^2#qkX-ZyRCCk{@m=z?C4Wqjsqy}1M>;w4$3-VbCDI!R%9zQ{I4N?hTl@qMULXsJ)9Mhi=XXP`ehU9+`Gv zaA1M=vq0@!I99o?0B%dGyhStjDX3imG6NJgNOB+Li3vBET>;|YgKOy~f zrAR0rEGI9oVhPd@!wL$@E0N?sfW)!6AKDKEn*r)KgVe#WjEszsg1j=q4GJoaFgbJ@ zI=;CLlm?OPg_#SZ|0yUaMS}D~`;Rd3{|X8!l^}5_W>P>N4~6v)v6MgZ^2(Et?E9ml zqQVC?g8@|jBFTZ{9VUlNL*4!jSuGm-IjEl}C#Rx~tWQB+c{xIz(ic!Zk&{z$hL-a% zzx@N1Ng#dL!XH#uLdT?G>h~!qsJKJ(C20H>EDq|Mg2s$N=AdImdF4F_cROgfAXxvp!PE85f9ms0X*^2VYTM+J32F*XLQczG%P?T3Lg^rCN#jDCRbp6EgiE%%% zW+AHsg&BJL3&lU6bPT~yRHRj8koA(nrj`3aZUD6jKzSU8yFuZo%-)Pu=WLd(mm7((VKls!Ogd`iq3)jJvjqaiSKL*PFcFff3r z|6uy@e+c~$O8p}Fn z`p@>q85kbVV<@)cXJB|JS64o#o`Kh02RK4)NfX5VrC49Fb$gXho5 zGcY{w2f2WO;rVeW{TNDrgwP-o;tmiC?9TuA_&?YmR8+__FnnM>AW^{2!0>>vO(LL1uc^gsL$G4J8S|3B*gGcY_j z2%$ePL+Bsu5cRC@58c<{?1+eRAvo&DVn3qUd^6R8-hOV`ZSeHb@RM9|@j^!?KnI)IL>^ zSN@4@91PS~1oyWTR6)!47(r$sWAONbf>Hsp7>Es?r&dtD1sb;i^|8S7f%3}h6(D0_ zXF*{PQU}7|zOlUWFZ6jy1v%vv3i8T#K=Z+%u@ca{Bxnv0qz8tv*$*1y0gc6h+K-^I 
z5l}lGxqYZ0uQCrb7Y;WAG$tUYyaUuX1+}w5;-Gd2bPgGw`ax^F6y=n2LGmz+Za;L~ z=>w>*4^jgj%aT)`4r0SFXuStg-vcxzbQe4}C9ix06xJYhkg)*Js!9-#fe|zgpdhdO z0yIVg7J(9A`{h;Ug18{JgTq%rX%mPK!l1rCDBK|94xlj^C{|ED1d>-&RB;216*4d| zFexY~r-S?m5(i<>*q(x%@(cxel7nH0{mTCpr)Xfz}&=%utY5{t8+f2g$5-S5TgyAg}xoJf@+bVh=JGhUMjzJr(3t-h%p?P%&oEdKXX|7CcTWulx(zrvgiZ z-K(I|2=123EB}OzJ3#p#(eoO_ex(AC8K7`fP*CXr8-zqC$}87``~vbTD17AQRW?KO z1!%p`0VJgiptThsbD;47TI+EYH0}TjFHl*5tQN$E*$-la*3UuASMCDwkuk{spf)yW zd2g1nqgZQ8_L_uEpDJai___W68_JiyL z%{PGZ@?f7|2f1|=QzryKWhyBBgUSwkCW7QaWeYwvFgZ|}1FARC>l~Oohz8{!&{|1Q z{R!*igV#HO=A4k$8G_0@P#FqSqad$*1yrVk%z&=1`T<%C4dR39Mo?LcWF~0s!nm?;vG8bgWQbhjgNrzgRuf)y%8uL6%g3JZY(Ll>tuo-q&=ik1)F~X`xnW6aJ>VKFVMP1ki4S2${MKtm$3FE$XpNx zt(%3)f!4q;2aPW(p{+-Th5=}uJUnbb>+wMKBE$@(3aA<2^aqM>aD4~zFBF5?aG-f- zka{ExYCA#4_aSW{kQ{g|EM#5GIuIX*!Sey&HOQd(M8ukI?fcFE)7lZ+oA0XaQH&UOxK~u16> zgA)5;MuEy-&{!uZj6r1%Oq>`R-2PWkH9((-Ax7`0nt=%c$aum1|Ns9#|NsC0_y6}5 zJ~!XbE8czY{OjLm4&)v_c;0vZ;de2+Z+^Jfe&_%H|M%+u|Gy6&i-72akq;`0*$)^P zF&|eJD*mS~RQy9(sQ5v$k@DdW#q7uIKmR{q|M~xe`p+=sa2hmD0qU56MkwIp6f9(g z1rum(3aH(SOE+>pg7ycPL1LgX0$g4yD90n$3($5oe7;gaPI&>yY;Zc4S6;3trxFXA zQv~e?0hQ69HU_AF25Ogs${Wbsw#qb6-UjIdwf{kKp!E+RF>raTpp*eJ1GMf#US7Eg zWTw2lvJnIusSPyt0NM|utf1@xs^dXz9nhRB zc>WwbPpRk%%F___$_wP>mAqj462NU91*J?#T_UfkprC3FQYSC36a}uoKx?Xz_7cJT z53)}|PN^QGb^tIF%s()@ag|f(;vhFe`V-3UKy#9i_8E9?_6jI&K2P+sW- zxc#S~+zGM=I*&OU)b9e-ji9<(QBgS+RBwRg<&~c*$SP%k^n=DEKy67-x&n<~fZ7!x zHQ;cQR|c(@{tJ=^^~V(Cm2ZOk=b(L0kbN8ECfua3AL>#0K0P1bXcmMzZ literal 0 HcmV?d00001 From 600b2a61fecde51e5a6c84156274c54b9ac9b1b3 Mon Sep 17 00:00:00 2001 From: int3l Date: Sun, 6 Jan 2019 18:36:58 +0200 Subject: [PATCH 04/44] Enable custom favicon --- mkdocs.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/mkdocs.yml b/mkdocs.yml index 508e6ec..e62a1e7 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -19,3 +19,4 @@ nav: theme: name: material logo: 'images/logo.svg' + favicon: 'images/favicon.ico' From ca27b26c6bf45a68a273a6a362403feb898b305a Mon Sep 17 00:00:00 2001 
From: Szczepan Zalega Date: Sat, 5 Jan 2019 13:49:58 +0100 Subject: [PATCH 05/44] Avoid 2nd start of the simulation server udp_server() is being called second time during the simulated run, which fails due to trying to claim already used port. This patch adds cache to the udp_server() result. Signed-off-by: Szczepan Zalega --- pc/device.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pc/device.c b/pc/device.c index 4344ef5..ce915eb 100644 --- a/pc/device.c +++ b/pc/device.c @@ -54,7 +54,11 @@ void device_set_status(int status) int udp_server() { - int fd; + static bool run_already = false; + static int fd = -1; + if (run_already && fd >= 0) return fd; + run_already = true; + if ( (fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0 ) { perror( "socket failed" ); return 1; From 8c1d716632c7a32db52e17ce995615a702e58f16 Mon Sep 17 00:00:00 2001 From: robbiemacg Date: Mon, 7 Jan 2019 13:47:03 -0400 Subject: [PATCH 06/44] Update fido2-impl.md Fixed small apparent typo. --- docs/fido2-impl.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/fido2-impl.md b/docs/fido2-impl.md index 4747516..d0d5890 100644 --- a/docs/fido2-impl.md +++ b/docs/fido2-impl.md @@ -21,7 +21,7 @@ When you register a service with a FIDO2 or U2F authenticator, the authenticator must generate a new keypair unique to that service. This keypair could be stored on the authenticator to be used in subsequent authentications, but now a certain amount of memory needs to be allocated for this. On embedded -devices, there isn't much memory to spare and users will allows frustratingly +devices, there isn't much memory to spare and users will always frustratingly hit the limit of this memory. The answer to this problem is to do key wrapping. The authenticator just From bdc4c8f9df11a57b963138a5e58ced408338e81f Mon Sep 17 00:00:00 2001 
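Review bot: The failure path kept as context in udp_server() still returns `1` after `perror( "socket failed" )`, and now that the function hands back a cached descriptor a caller cannot tell that `1` apart from a valid fd; returning `-1` there would make the result checkable. The `run_already` flag adds nothing over the `fd >= 0` test, so the guard can be just `if (fd >= 0) return fd;`, which also drops the dependency on `bool`, whose header is not visible in this hunk. The rest of the function lies outside the hunk, so it is worth confirming that a later setup step that fails does not leave a half-configured socket in the static `fd` for the next call to return.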
From: Nicolas Stalder Date: Mon, 7 Jan 2019 22:39:36 +0100 Subject: [PATCH 07/44] Move to solokeys org, host docs under docs.solokeys.io --- .gitmodules | 4 ++-- README.md | 10 +++++----- docs/index.md | 4 ---- docs/repo-readme.md | 1 - docs/{ => solo}/building.md | 0 docs/{ => solo}/code-overview.md | 0 docs/{ => solo}/contributing.md | 4 ++-- docs/{ => solo}/documenting.md | 0 docs/{ => solo}/fido2-impl.md | 0 docs/{ => solo}/images/favicon.ico | Bin docs/{ => solo}/images/logo.svg | 0 docs/solo/index.md | 4 ++++ docs/solo/repo-readme.md | 1 + docs/{ => solo}/signed-updates.md | 0 docs/{ => solo}/udev.md | 4 ++-- mkdocs.yml | 29 +++++++++++++++-------------- 16 files changed, 31 insertions(+), 30 deletions(-) delete mode 100644 docs/index.md delete mode 120000 docs/repo-readme.md rename docs/{ => solo}/building.md (100%) rename docs/{ => solo}/code-overview.md (100%) rename docs/{ => solo}/contributing.md (71%) rename docs/{ => solo}/documenting.md (100%) rename docs/{ => solo}/fido2-impl.md (100%) rename docs/{ => solo}/images/favicon.ico (100%) rename docs/{ => solo}/images/logo.svg (100%) create mode 100644 docs/solo/index.md create mode 120000 docs/solo/repo-readme.md rename docs/{ => solo}/signed-updates.md (100%) rename docs/{ => solo}/udev.md (92%) diff --git a/.gitmodules b/.gitmodules index 889b2af..05c9e6f 100644 --- a/.gitmodules +++ b/.gitmodules @@ -3,7 +3,7 @@ url = https://github.com/intel/tinycbor [submodule "python-fido2"] path = python-fido2 - url = https://github.com/SoloKeysSec/python-fido2 + url = https://github.com/solokeys/python-fido2 [submodule "crypto/micro-ecc"] path = crypto/micro-ecc url = https://github.com/kmackay/micro-ecc.git @@ -12,4 +12,4 @@ url = https://github.com/kokke/tiny-AES-c [submodule "targets/stm32l442/dfuse-tool"] path = targets/stm32l442/dfuse-tool - url = https://github.com/SoloKeysSec/dfuse-tool + url = https://github.com/solokeys/dfuse-tool diff --git a/README.md b/README.md index e95130f..0634920 100644 
--- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -[![License](https://img.shields.io/github/license/solokeyssec/solo.svg)](https://github.com/SoloKeysSec/solo/blob/master/LICENSE) -[![Build Status](https://travis-ci.com/SoloKeysSec/solo.svg?branch=master)](https://travis-ci.com/SoloKeysSec/solo) +[![License](https://img.shields.io/github/license/solokeys/solo.svg)](https://github.com/solokeys/solo/blob/master/LICENSE) +[![Build Status](https://travis-ci.com/solokeys/solo.svg?branch=master)](https://travis-ci.com/solokeys/solo) [![Discourse Users](https://img.shields.io/discourse/https/discourse.solokeys.com/users.svg)](https://discourse.solokeys.com) [![Keybase Chat](https://img.shields.io/badge/chat-on%20keybase-brightgreen.svg)](https://keybase.io/team/solokeys.public) @@ -37,7 +37,7 @@ You can only buy Solo for Hacker at [solokeys.com](https://solokeys.com), as we If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://solo.solokeys.io/building/). ```bash -git clone --recurse-submodules https://github.com/SoloKeysSec/solo +git clone --recurse-submodules https://github.com/solokeys/solo cd solo cd targets/stm32l432 @@ -52,7 +52,7 @@ python tools/solotool.py program targets/stm32l432/solo.hex If you forgot the `--recurse-submodules` when cloning, simply `git submodule update --init --recursive`. -For example, if you want to turn off any blue light emission, you can edit [`led_rgb()`](https://github.com/SoloKeysSec/solo/blob/master/targets/stm32l432/src/led.c#L15) and force: +For example, if you want to turn off any blue light emission, you can edit [`led_rgb()`](https://github.com/solokeys/solo/blob/master/targets/stm32l432/src/led.c#L15) and force: ``` uint32_t b = 0; ``` 
@@ -69,7 +69,7 @@ A frequently asked question is whether Solo for Hacker is less secure than regul Clone Solo and build it ```bash -git clone --recurse-submodules https://github.com/SoloKeysSec/solo +git clone --recurse-submodules https://github.com/solokeys/solo cd solo make all ``` diff --git a/docs/index.md b/docs/index.md deleted file mode 100644 index b29e554..0000000 --- a/docs/index.md +++ /dev/null @@ -1,4 +0,0 @@ -Welcome to the technical documentation for [solokeyssec/solo](https://github.com/solokeyssec/solo). - -For now, you can read the repository `README.md`, more documentation to come! - diff --git a/docs/repo-readme.md b/docs/repo-readme.md deleted file mode 120000 index 32d46ee..0000000 --- a/docs/repo-readme.md +++ /dev/null @@ -1 +0,0 @@ -../README.md \ No newline at end of file diff --git a/docs/building.md b/docs/solo/building.md similarity index 100% rename from docs/building.md rename to docs/solo/building.md diff --git a/docs/code-overview.md b/docs/solo/code-overview.md similarity index 100% rename from docs/code-overview.md rename to docs/solo/code-overview.md diff --git a/docs/contributing.md b/docs/solo/contributing.md similarity index 71% rename from docs/contributing.md rename to docs/solo/contributing.md index a200f01..1728356 100644 --- a/docs/contributing.md +++ b/docs/solo/contributing.md @@ -1,6 +1,6 @@ We are very open to contributions! -[Currently](https://github.com/solokeyssec/solo/issues), most work will go towards +[Currently](https://github.com/solokeys/solo/issues), most work will go towards * implementing STM32L432 * implementing NFC 
@@ -8,7 +8,7 @@ We are very open to contributions! In the future, we would love to see creative plugins/extensions, putting the TRNG and other features of the STM32L432 to good use! -Feel free to send a [pull request](https://github.com/SoloKeysSec/solo/pulls) at any time, we don't currently have a formal contribution process. +Feel free to send a [pull request](https://github.com/solokeys/solo/pulls) at any time, we don't currently have a formal contribution process. If you want to discuss your plans in quasi-realtime beforehand, you can also join our [solokeys.public](https://keybase.io/team/solokeys.public) Keybase team. diff --git a/docs/documenting.md b/docs/solo/documenting.md similarity index 100% rename from docs/documenting.md rename to docs/solo/documenting.md diff --git a/docs/fido2-impl.md b/docs/solo/fido2-impl.md similarity index 100% rename from docs/fido2-impl.md rename to docs/solo/fido2-impl.md diff --git a/docs/images/favicon.ico b/docs/solo/images/favicon.ico similarity index 100% rename from docs/images/favicon.ico rename to docs/solo/images/favicon.ico diff --git a/docs/images/logo.svg b/docs/solo/images/logo.svg similarity index 100% rename from docs/images/logo.svg rename to docs/solo/images/logo.svg diff --git a/docs/solo/index.md b/docs/solo/index.md new file mode 100644 index 0000000..ab5ffdb --- /dev/null +++ b/docs/solo/index.md @@ -0,0 +1,4 @@ +Welcome to the technical documentation for [solokeys/solo](https://github.com/solokeys/solo). + +For now, you can read the repository `README.md`, more documentation to come! + diff --git a/docs/solo/repo-readme.md b/docs/solo/repo-readme.md new file mode 120000 index 0000000..fe84005 --- /dev/null +++ b/docs/solo/repo-readme.md @@ -0,0 +1 @@ +../../README.md \ No newline at end of file diff --git a/docs/signed-updates.md b/docs/solo/signed-updates.md similarity index 100% rename from docs/signed-updates.md rename to docs/solo/signed-updates.md 
diff --git a/docs/udev.md b/docs/solo/udev.md similarity index 92% rename from docs/udev.md rename to docs/solo/udev.md index d8ad228..4959b13 100644 --- a/docs/udev.md +++ b/docs/solo/udev.md @@ -1,6 +1,6 @@ # tl;dr -Create [`/etc/udev/99-solo.rules`](https://github.com/SoloKeysSec/solo/blob/master/99-solo.rules) and add the following (which assumes your user is in group `plugdev`): +Create [`/etc/udev/99-solo.rules`](https://github.com/solokeys/solo/blob/master/99-solo.rules) and add the following (which assumes your user is in group `plugdev`): ``` # Solo @@ -69,4 +69,4 @@ udevadm trigger | U2F Zero | 0483 | a2ca | ## You got this all wrong, I can't believe it! -Are you suffering from [us being wrong](https://xkcd.com/386/)? Please, send us a [pull request](https://github.com/SoloKeysSec/solo/pulls) and prove us wrong :D +Are you suffering from [us being wrong](https://xkcd.com/386/)? Please, send us a [pull request](https://github.com/solokeys/solo/pulls) and prove us wrong :D diff --git a/mkdocs.yml b/mkdocs.yml index e62a1e7..60b1618 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -1,22 +1,23 @@ site_name: Solo site_author: SoloKeys site_description: 'Documentation for the SoloKeys solo software' -repo_url: 'https://github.com/solokeyssec/solo' -repo_name: 'solokeyssec/solo' -copyright: 'Copyright © 2018 SoloKeys' +site_url: 'https://docs.solokeys.io/solo/' +repo_url: 'https://github.com/solokeys/solo' +repo_name: 'solokeys/solo' +copyright: 'Copyright © 2018-2019 SoloKeys' nav: - - Home: index.md - - README.md: repo-readme.md - - FIDO2 Implementation: fido2-impl.md - - Signed update process: signed-updates.md - - Building: building.md - - Code documentation: code-overview.md - - Contributing Code: contributing.md - - Contributing Docs: documenting.md - - What the udev?!: udev.md + - Home: solo/index.md + - README.md: solo/repo-readme.md + - FIDO2 Implementation: solo/fido2-impl.md + - Signed update process: solo/signed-updates.md + - Building: solo/building.md + - Code documentation: solo/code-overview.md + - Contributing Code: solo/contributing.md + - Contributing Docs: solo/documenting.md + - What the udev?!: solo/udev.md theme: name: material - logo: 'images/logo.svg' - favicon: 'images/favicon.ico' + logo: 'solo/images/logo.svg' + favicon: 'solo/images/favicon.ico' From ea210320c68b686a2efd41b12a561dbc7a379a52 Mon Sep 17 00:00:00 2001 From: Nicolas Stalder Date: Mon, 7 Jan 2019 23:07:55 +0100 Subject: [PATCH 08/44] Fix some old links --- README.md | 6 +++--- targets/stm32l432/README.md | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 0634920..343554c 100644 --- a/README.md +++ b/README.md 
@@ -34,7 +34,7 @@ Solo for Hacker is a special version of Solo that let you customize its firmware You can only buy Solo for Hacker at [solokeys.com](https://solokeys.com), as we don't sell it on Amazon and other places to avoid confusing customers. If you buy a Hacker, you can permanently lock it into a regular Solo, but viceversa you can NOT take a regular Solo and turn it a Hacker. -If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://solo.solokeys.io/building/). +If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://docs.solokeys.io/solo/building/). ```bash git clone --recurse-submodules https://github.com/solokeys/solo @@ -97,12 +97,12 @@ Or any client example such as: python python-fido2/examples/credential.py ``` -You can find more details in our [documentation](https://solo.solokeys.io), including how to build on the the NUCLEO-L432KC development board. +You can find more details in our [documentation](https://docs.solokeys.io/solo/), including how to build on the the NUCLEO-L432KC development board. # Documentation -Check out our [official documentation](https://solo.solokeys.io). +Check out our [official documentation](https://docs.solokeys.io/solo/). # Contributors diff --git a/targets/stm32l432/README.md b/targets/stm32l432/README.md index be55b7a..58af397 100644 --- a/targets/stm32l432/README.md +++ b/targets/stm32l432/README.md @@ -1,4 +1,4 @@ -# STM32L4xx Solo +# STM32L432 Solo -Check out our [official documentation](https://solo.solokeys.io/building/) +Check out our [official documentation](https://docs.solokeys.io/solo/building/) for instructions on building and programming! From 6d3313bd3fd08bddcbd6d8b7860e0fa59703d9e3 Mon Sep 17 00:00:00 2001 
From: Conor Patrick Date: Mon, 7 Jan 2019 18:08:59 -0500 Subject: [PATCH 09/44] Update building.md --- docs/building.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/building.md b/docs/building.md index 20740e7..e3f74d0 100644 --- a/docs/building.md +++ b/docs/building.md @@ -68,6 +68,10 @@ reconnect each time you program Solo. python tools/solotool.py monitor ``` +#### Linux Users: + +[See issue 62](https://github.com/solokeys/solo/issues/62). + ### Building a Solo release If you want to build a release of Solo, we recommend trying a Hacker build first From 8eacfa671708f6683fae8d03c7a02a27cdf469f5 Mon Sep 17 00:00:00 2001 From: Nicolas Stalder Date: Tue, 8 Jan 2019 02:14:46 +0100 Subject: [PATCH 10/44] Fix docs again --- mkdocs.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/mkdocs.yml b/mkdocs.yml index 55925aa..2d69cbc 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -7,15 +7,15 @@ repo_name: 'solokeys/solo' copyright: 'Copyright © 2018 - 2019 SoloKeys' nav: - - Home: index.md - - FIDO2 Implementation: fido2-impl.md - - Build instructions: building.md - - Signed update process: signed-updates.md - - Code documentation: code-overview.md - - Contributing Code: contributing.md - - Contributing Docs: documenting.md - - udev Rules: udev.md - - About: repo-readme.md + - Home: solo/index.md + - FIDO2 Implementation: solo/fido2-impl.md + - Build instructions: solo/building.md + - Signed update process: solo/signed-updates.md + - Code documentation: solo/code-overview.md + - Contributing Code: solo/contributing.md + - Contributing Docs: solo/documenting.md + - udev Rules: solo/udev.md + - About: solo/repo-readme.md theme: name: material From 04a85db303d827f6fe36884def364137ee987c1f Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Tue, 8 Jan 2019 20:50:14 -0500 Subject: [PATCH 11/44] serial number --- targets/stm32l432/lib/usbd/usbd_desc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/targets/stm32l432/lib/usbd/usbd_desc.c b/targets/stm32l432/lib/usbd/usbd_desc.c index 63c8e4a..bd0ed90 100644 --- a/targets/stm32l432/lib/usbd/usbd_desc.c +++ b/targets/stm32l432/lib/usbd/usbd_desc.c @@ -56,12 +56,14 @@ #ifndef SOLO_HACKER #define USBD_MANUFACTURER_STRING "Solo Keys" #define USBD_PRODUCT_FS_STRING "Solo" -#define USBD_SERIAL_NUM "solocafebabe" +#ifndef USBD_SERIAL_NUM +#define USBD_SERIAL_NUM "0123456789ABCDEF" +#endif #else #define USBD_MANUFACTURER_STRING "Solo Keys" #define USBD_PRODUCT_FS_STRING "Solo HACKER (Unlocked)" #ifndef USBD_SERIAL_NUM -#define USBD_SERIAL_NUM "Solo-Keys-Solo" +#define USBD_SERIAL_NUM "0123456789ABCDEF" #endif #endif From e7f01f4e55f5a20b319c73d329e0a4347ad10a8a Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Tue, 8 Jan 2019 21:18:18 -0500 Subject: [PATCH 12/44] disable CDC ACM when not debugging --- targets/stm32l432/lib/usbd/usbd_hid.c | 13 ++++--------- targets/stm32l432/src/init.c | 6 +++++- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/targets/stm32l432/lib/usbd/usbd_hid.c b/targets/stm32l432/lib/usbd/usbd_hid.c index a1950c3..bf32911 100644 --- a/targets/stm32l432/lib/usbd/usbd_hid.c +++ b/targets/stm32l432/lib/usbd/usbd_hid.c @@ -114,15 +114,10 @@ USBD_ClassTypeDef USBD_HID = NULL, - - NULL, - NULL, - NULL, - NULL, - // USBD_HID_GetFSCfgDesc, - // USBD_HID_GetFSCfgDesc, - // USBD_HID_GetFSCfgDesc, - // USBD_HID_GetDeviceQualifierDesc, + USBD_HID_GetFSCfgDesc, + USBD_HID_GetFSCfgDesc, + USBD_HID_GetFSCfgDesc, + USBD_HID_GetDeviceQualifierDesc, }; #define USBD_HID_CfgHSDesc USBD_HID_OtherSpeedCfgDesc diff --git a/targets/stm32l432/src/init.c b/targets/stm32l432/src/init.c index daa81d0..8916ba7 100644 --- a/targets/stm32l432/src/init.c +++ b/targets/stm32l432/src/init.c 
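Review bot: Both arms of `#ifndef SOLO_HACKER` in usbd_desc.c now fall back to the same fixed string `"0123456789ABCDEF"`, so every unit built without an explicit `USBD_SERIAL_NUM` reports an identical USB serial number and a host cannot tell two keys apart by it. If the placeholder is deliberate (a per-device serial on an authenticator is also a stable identifier a host can track), say so next to the define, e.g. `/* Placeholder serial, identical on every unit unless USBD_SERIAL_NUM is overridden at build time. */`. The `#ifndef USBD_SERIAL_NUM` guard is now repeated in both arms and could be hoisted out of the `SOLO_HACKER` conditional once.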
@@ -208,7 +208,7 @@ void usb_init() // Enable USB Clock SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_USBFSEN); - +#if DEBUG_LEVEL > 0 USBD_Composite_Set_Classes(&USBD_HID, &USBD_CDC); in_endpoint_to_class[HID_EPIN_ADDR & 0x7F] = 0; out_endpoint_to_class[HID_EPOUT_ADDR & 0x7F] = 0; @@ -222,6 +222,10 @@ void usb_init() // // USBD_RegisterClass(&Solo_USBD_Device, &USBD_CDC); USBD_CDC_RegisterInterface(&Solo_USBD_Device, &USBD_Interface_fops_FS); +#else + USBD_Init(&Solo_USBD_Device, &Solo_Desc, 0); + USBD_RegisterClass(&Solo_USBD_Device, &USBD_HID); +#endif USBD_Start(&Solo_USBD_Device); } From 9ff52fcdb444d71232dd3373d2dcf86f45777304 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Tue, 8 Jan 2019 21:37:15 -0500 Subject: [PATCH 13/44] Update u2f.c --- fido2/u2f.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/fido2/u2f.c b/fido2/u2f.c index 2d79228..e230262 100644 --- a/fido2/u2f.c +++ b/fido2/u2f.c @@ -1,21 +1,21 @@ /* * Copyright (C) 2018 SoloKeys, Inc. - * + * * This file is part of Solo. - * + * * Solo is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. - * + * * Solo is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with Solo. If not, see - * + * * This code is available under licenses for commercial use. * Please contact SoloKeys for more information. */ 
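Review bot: Whether the CDC ACM serial interface is exposed over USB now depends solely on `#if DEBUG_LEVEL > 0` in usb_init() of init.c, and nothing at that line says the macro is a security-relevant switch. A comment above the `#if`, such as `/* CDC ACM is a debug channel: only builds with non-zero DEBUG_LEVEL register it; all others enumerate as HID only. */`, would keep a later change from moving the composite setup back outside the guard. The `in_endpoint_to_class` / `out_endpoint_to_class` entries are assigned only in the debug arm, so it is worth confirming that nothing outside these hunks reads them in an HID-only build. usb_init() begins before the first hunk and the composite setup between the two hunks is not visible here.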
@@ -234,12 +234,15 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c } count = ctap_atomic_count(0); - + hash[0] = (count >> 24) & 0xff; + hash[1] = (count >> 16) & 0xff; + hash[2] = (count >> 8) & 0xff; + hash[3] = (count >> 0) & 0xff; crypto_sha256_init(); crypto_sha256_update(req->app,32); crypto_sha256_update(&up,1); - crypto_sha256_update((uint8_t *)&count,4); + crypto_sha256_update(hash,4); crypto_sha256_update(req->chal,32); crypto_sha256_final(hash); @@ -248,7 +251,11 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c crypto_ecc256_sign(hash, 32, sig); u2f_response_writeback(&up,1); - u2f_response_writeback((uint8_t *)&count,4); + hash[0] = (count >> 24) & 0xff; + hash[1] = (count >> 16) & 0xff; + hash[2] = (count >> 8) & 0xff; + hash[3] = (count >> 0) & 0xff; + u2f_response_writeback(hash,4); dump_signature_der(sig); return U2F_SW_NO_ERROR; From 8c103be5c06f489c33836dedd3b4d161977fda22 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 7 Jan 2019 19:47:01 +0100 Subject: [PATCH 14/44] Udev rules related docs update Signed-off-by: Szczepan Zalega --- docs/solo/udev.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/solo/udev.md b/docs/solo/udev.md index 4959b13..eb0dee4 100644 --- a/docs/solo/udev.md +++ b/docs/solo/udev.md @@ -1,6 +1,6 @@ # tl;dr -Create [`/etc/udev/99-solo.rules`](https://github.com/solokeys/solo/blob/master/99-solo.rules) and add the following (which assumes your user is in group `plugdev`): +Create [`/etc/udev/rules.d/99-solo.rules`](https://github.com/solokeys/solo/blob/master/99-solo.rules) and add the following (which assumes your user is in group `plugdev`): ``` # Solo @@ -13,7 +13,7 @@ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="10c4", ATTRS{idProduct Then run ``` -udevadm trigger +sudo udevadm control --reload-rules && sudo udevadm trigger ``` # How do udev rules work and why are they needed 
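Review bot: The big-endian counter bytes in u2f_authenticate() are staged in `hash`, the same buffer that `crypto_sha256_final(hash)` fills and `crypto_ecc256_sign(hash, 32, sig)` consumes, and the four shift lines are repeated before the writeback in the second hunk. It is correct in the order shown, but any later reordering around the sign call would silently hash or send the wrong bytes. A dedicated buffer removes that coupling: `uint8_t count_be[4] = { count >> 24, count >> 16, count >> 8, count };` then `crypto_sha256_update(count_be, 4);` and `u2f_response_writeback(count_be, 4);`. This assumes `count` is a 32-bit unsigned value, which the hunks do not show; the function starts and ends outside the visible lines.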
From 4110434e33eb8a943b3f95ea9244274cdf42e0e9 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 9 Jan 2019 11:40:34 +0100 Subject: [PATCH 15/44] Add Udev symlink for Solo's serial port Signed-off-by: Szczepan Zalega --- 99-solo.rules | 2 ++ 1 file changed, 2 insertions(+) diff --git a/99-solo.rules b/99-solo.rules index e2f9a47..ce8cc8a 100644 --- a/99-solo.rules +++ b/99-solo.rules @@ -2,5 +2,7 @@ ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ATTRS{product}=="Solo", TAG+="uaccess", GROUP="plugdev", SYMLINK+="solokey" ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ATTRS{product}=="Solo HACKER (Unlocked)", TAG+="uaccess", GROUP="plugdev", SYMLINK+="solohacker" +SUBSYSTEM=="tty", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess", GROUP="plugdev", SYMLINK+="solokey-serial" + # U2F Zero KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="8acf", TAG+="uaccess", GROUP="plugdev", SYMLINK+="u2fzero" From 5806b25fd158188403fddf796be17c487faa59aa Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 9 Jan 2019 11:28:57 +0100 Subject: [PATCH 16/44] Prevent Solo's debug serial port use by ModemManager This Udev rule marks the device to be ignored by the MM. Otherwise using the CDC ACM serial port interface will not be possible, while its service is running. Tested on Fedora 29, with ModemManager enabled, using: $ solotool.py monitor /dev/solokey-serial Fixes https://github.com/solokeys/solo/issues/62 As provided by @yparitcher in: https://github.com/solokeys/solo/pull/60#issuecomment-452428432 Signed-off-by: Szczepan Zalega --- 99-solo.rules | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/99-solo.rules b/99-solo.rules index ce8cc8a..0c6450a 100644 --- a/99-solo.rules +++ b/99-solo.rules 
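Review bot: The new `SUBSYSTEM=="tty"` rule in 99-solo.rules grants `uaccess` and group `plugdev` to any tty whose parent matches only `idVendor` 0483 and `idProduct` a2ca, whereas the two Solo rules above it also require `ATTRS{product}`. If that vendor/product pair is not exclusive to Solo, other devices' serial ports receive the same access and the `solokey-serial` symlink. Adding a product match, for example `ATTRS{product}=="Solo*"`, would keep the rule as narrow as its neighbours. The `ENV{ID_MM_DEVICE_IGNORE}="1"` rule added to the same file in the following commit matches on the same two attributes only, so the same narrowing applies there.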
@@ -1,3 +1,12 @@ +# Notify ModemManager this device should be ignored +ACTION!="add|change|move", GOTO="mm_usb_device_blacklist_end" +SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_end" +ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_end" + +ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ENV{ID_MM_DEVICE_IGNORE}="1" + +LABEL="mm_usb_device_blacklist_end" + # Solo ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ATTRS{product}=="Solo", TAG+="uaccess", GROUP="plugdev", SYMLINK+="solokey" ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ATTRS{product}=="Solo HACKER (Unlocked)", TAG+="uaccess", GROUP="plugdev", SYMLINK+="solohacker" From 1866d366fbbdbf83e9e063a7f8e3a42f325af391 Mon Sep 17 00:00:00 2001 From: Nicolas Stalder Date: Fri, 18 Jan 2019 18:05:41 +0100 Subject: [PATCH 17/44] Add cla-bot configuration --- .clabot | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .clabot diff --git a/.clabot b/.clabot new file mode 100644 index 0000000..76e90a2 --- /dev/null +++ b/.clabot @@ -0,0 +1,4 @@ +{ + "contributors": "https://raw.githubusercontent.com/solokeys/contributors/master/contributors.json", + "message": "We require contributors to sign our Copyright License Agreement, and we don't have {{usersWithoutCLA}} on file. In order for us to review and merge your code, please visit https://solokeys.com/legal/contributors, or contact @nickray, @conorpp or @0x0ece for further information or help." +} From 31538faab134e439ff8051d577563babbd1e8b0d Mon Sep 17 00:00:00 2001 From: fossabot Date: Wed, 9 Jan 2019 12:11:57 -0800 Subject: [PATCH 18/44] Add license scan report and status Signed-off-by: fossabot --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 343554c..7633e17 100644 --- a/README.md +++ b/README.md 
@@ -2,6 +2,7 @@ [![Build Status](https://travis-ci.com/solokeys/solo.svg?branch=master)](https://travis-ci.com/solokeys/solo) [![Discourse Users](https://img.shields.io/discourse/https/discourse.solokeys.com/users.svg)](https://discourse.solokeys.com) [![Keybase Chat](https://img.shields.io/badge/chat-on%20keybase-brightgreen.svg)](https://keybase.io/team/solokeys.public) +[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo?ref=badge_shield) # Solo @@ -121,6 +122,9 @@ All software is licensed under GPLv3, and hardware under CC BY-SA 4.0. Software and hardware are available under licenses for commercial use. Please contact SoloKeys for more information. + +[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo.svg?type=large)](https://app.fossa.io/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo?ref=badge_large) + # Where To Buy Solo -You can buy Solo, Solo Tap, and Solo for Hackers at [solokeys.com](https://solokeys.com). +You can buy Solo, Solo Tap, and Solo for Hackers at [solokeys.com](https://solokeys.com). \ No newline at end of file From dffc1833cbfa914b6708948d968ae1bc7f9c3b18 Mon Sep 17 00:00:00 2001 From: Nicolas Stalder Date: Sat, 19 Jan 2019 03:53:28 +0100 Subject: [PATCH 19/44] Update contributing.md --- docs/solo/contributing.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/solo/contributing.md b/docs/solo/contributing.md index 1728356..3c82137 100644 --- a/docs/solo/contributing.md +++ b/docs/solo/contributing.md 
@@ -2,14 +2,14 @@ We are very open to contributions! [Currently](https://github.com/solokeys/solo/issues), most work will go towards -* implementing STM32L432 +* ~~implementing STM32L432~~ * implementing NFC * adding documentation and improving accessability of the code In the future, we would love to see creative plugins/extensions, putting the TRNG and other features of the STM32L432 to good use! -Feel free to send a [pull request](https://github.com/solokeys/solo/pulls) at any time, we don't currently have a formal contribution process. +Feel free to send a [pull request](https://github.com/solokeys/solo/pulls) at any time, please note that we do require a lightweight copyright license agreement in order to accept contributions. Reason and procedure: . If you want to discuss your plans in quasi-realtime beforehand, you can also join our [solokeys.public](https://keybase.io/team/solokeys.public) Keybase team. -But first: [join our mailing list!](https://solokeys.us19.list-manage.com/subscribe/post?u=cc0c298fb99cd136bdec8294b&id=b9cb3de62d) +But first: [join our mailing list!](https://solokeys.us19.list-manage.com/subscribe/post?u=cc0c298fb99cd136bdec8294b&id=6550fc947a) From a72f5029dc08eb970216343af4f60b353f2e7925 Mon Sep 17 00:00:00 2001 From: Paul Jimenez Date: Sun, 20 Jan 2019 22:57:37 -0500 Subject: [PATCH 20/44] Make solotool complain if it's run with py2 --- tools/solotool.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/solotool.py b/tools/solotool.py index b9f4606..00a21c8 100755 --- a/tools/solotool.py +++ b/tools/solotool.py @@ -954,6 +954,10 @@ def main_mergehex(): if __name__ == '__main__': + if sys.version_info[0] < 3: + print('Sorry, python3 is required.') + sys.exit(1) + if len(sys.argv) < 2 or (len(sys.argv) == 2 and asked_for_help()): print('Diverse command line tool for working with Solo') print('usage: %s [options] [-h]' % sys.argv[0]) From 7bd5f29a79106c49fcd6131af34b09440c63b2aa Mon Sep 17 00:00:00 2001 
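Review bot: The Python 3 guard in the solotool.py hunk sits inside `if __name__ == '__main__':`, so it runs only after the whole module has been parsed and its imports executed. If anything earlier in the file is Python-3-only (not visible in this hunk), a Python 2 user still gets a traceback rather than this message. The message is also written to stdout; `sys.exit('Sorry, python3 is required.')` prints it to stderr and exits with status 1 in a single line. The `__main__` block continues outside the hunk.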
From: Paul Jimenez Date: Wed, 16 Jan 2019 19:50:52 -0500 Subject: [PATCH 21/44] add cppcheck to travis --- .travis.yml | 1 + Makefile | 13 ++++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8d8a18f..47db786 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,6 +7,7 @@ addons: - ubuntu-toolchain-r-test packages: - gcc-7 + - cppcheck script: - export CC=gcc-7 - make test diff --git a/Makefile b/Makefile index d72d90f..99beef4 100644 --- a/Makefile +++ b/Makefile @@ -45,9 +45,6 @@ cbor: $(LIBCBOR) $(LIBCBOR): tinycbor/Makefile cd tinycbor/ && $(MAKE) clean && $(MAKE) -j8 -test: - $(MAKE) -C . main - .PHONY: efm8prog efm8prog: cd './targets/efm8\Keil 8051 v9.53 - Debug' && $(MAKE) all @@ -92,6 +89,16 @@ wink3: env3 fido2-test: env3 env3/bin/python tools/ctap_test.py +CPPCHECK_FLAGS=--quiet --error-exitcode=2 + +cppcheck: + cppcheck $(CPPCHECK_FLAGS) crypto/aes-gcm + cppcheck $(CPPCHECK_FLAGS) crypto/sha256 + cppcheck $(CPPCHECK_FLAGS) fido2 + cppcheck $(CPPCHECK_FLAGS) pc + +test: main cppcheck + clean: rm -f *.o main.exe main $(obj) rm -rf env2 env3 From 29d4d8825935c16da77fa512c315a77d91d34a7f Mon Sep 17 00:00:00 2001 From: Paul Jimenez Date: Thu, 17 Jan 2019 10:01:30 -0500 Subject: [PATCH 22/44] upgrade to xenial for a newer cppcheck --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 47db786..72ff11a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,4 +1,4 @@ -dist: trusty +dist: xenial language: c compiler: gcc addons: From 15c33832493581de2be515ac8b3268d670daaf7d Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 23 Jan 2019 19:23:21 -0500 Subject: [PATCH 23/44] be more clear that these aren't implemented yet --- docs/fido2-impl.md | 84 ++++++++++++++++++++++++++++++++++++++++++ docs/signed-updates.md | 26 +++++++++++++ 2 files changed, 110 insertions(+) create mode 100644 docs/fido2-impl.md create mode 100644 docs/signed-updates.md 
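Review bot: The new `cppcheck` target runs with `--quiet --error-exitcode=2` and no `--enable=` option, so only findings of severity error are reported and can fail the build; warning- and portability-level findings are never checked. It scans `crypto/aes-gcm`, `crypto/sha256`, `fido2` and `pc` but nothing under `targets/`, which may be deliberate but deserves a comment saying so. Neither `cppcheck` nor the rewritten `test: main cppcheck` is declared phony, so a file or directory of either name would make the target a no-op; `.PHONY: test cppcheck` above the rules avoids that.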
diff --git a/docs/fido2-impl.md b/docs/fido2-impl.md new file mode 100644 index 0000000..2bd5866 --- /dev/null +++ b/docs/fido2-impl.md 
@@ -0,0 +1,84 @@ +This page aims to document the security related aspects of the FIDO2 +implementation on Solo. This is to make it easier for public review and +comments. + +# Key generation + +Solo aims to achieve 256 bit (32 byte) security with its FIDO2 implementation, +even in light of physical side channels. + +When Solo is first programmed, it will be "uninitialized," meaning it won't +have any secret material, until the first time it boots, then it will leverage +the TRNG to generate all necessary material. This only happens once. + +A master secret, `M`, is generated at initialization. This is only used for +all key generation and derivation in FIDO2. Solo uses a key wrapping method +for FIDO2 operation. + +** NOTE: The masked implementation of AES is planned, but not yet implemented. Currently it is normal AES. ** + +## Key wrapping + +When you register a service with a FIDO2 or U2F authenticator, the +authenticator must generate a new keypair unique to that service. This keypair +could be stored on the authenticator to be used in subsequent authentications, +but now a certain amount of memory needs to be allocated for this. On embedded +devices, there isn't much memory to spare and users will allows frustratingly +hit the limit of this memory. + +The answer to this problem is to do key wrapping. The authenticator just +stores `M` and uses `M` and the TRNG to generate new keys and derive previous +keys on the fly. A random number, `R`, is generated, and is placed in the +FIDO2/U2F `KEYID` parameter. The service stores `KEYID` after registering a +key and will issue it back to the authenticator for subsequent authentications. + +In essence, the following happens at registration. + +1. Generate `R`, calculate private key, `K`, using `HMAC(M,R)` +2. Derive public key, `P`, from `K` +3. Return `P` and `R` to service. (`R` is in `KEYID` parameter) +4. Service stores `P` and `R`. + +Now on authenication. + +1. 
Service issues authentication request with `R` in `KEYID` parameter. +2. \* Authenticator generates `K` by calculating `HMAC(M,R)`. +3. Proceed normally as if `K` was loaded from storage memory. + + + + +## Key derivation + +Master secret `M` consists of 64 bytes, split into equal parts `M1` and `M2`. +In theory, we should only need 32 bytes to achieve 256 security, but we also +plan to have side channel security hence the added bytes. + +Our HMAC currently is a two step process. First, just generate a normal +`SHA256-HMAC`. + +1. `tmp = SHA256_HMAC(M1, R)` + +We could proceed using `tmp` as our secret key, `K`. But our `SHA256-HMAC` +implementation isn't side channel resistant and we won't bother trying to add +side channel resistance. So we add an additional stage that is side channel +resistant. + +2. `K = aes256_masked(M2, tmp)` + +We add a masked AES encryption to provide side channel resistance. Masked AES +is well studied and relatively easy to implement. An adversary may be able to +recover `M1` via SCA but not `M2`. + + + +* There are other details I leave out. There's also an authentication tag +in the `KEYID` parameter to ensure this is a key generated by the Solo +key. diff --git a/docs/signed-updates.md b/docs/signed-updates.md new file mode 100644 index 0000000..39eae90 --- /dev/null +++ b/docs/signed-updates.md 
@@ -0,0 +1,26 @@
+
+Solo has a bootloader that's fixed in memory to allow for signed firmware updates. It is not a built-in bootloader provided by the chip
+manufacturer, it is our own. We plan to use Ed25519 signatures, which have [efficient constant-time implementations on Cortex-M4 chips](http://www.cs.haifa.ac.il/~orrd/LC17/paper39.pdf).
+
+On the STM32L432, there is 256 KB of memory. The first 14 KB of memory is reserved for the bootloader.
+The bootloader is the first thing that boots, and if the button of the device is not held for 2 seconds, the
+application is immediately booted.
+
+Consider the following memory layout of the device.
+
+| 14 KB | 226 KB | 16KB |
+|---|---|---|
+| --boot-- | -------application------- | --data-- |
+
+Our bootloader resides at address 0, followed by the application, and then the final 16 KB allocated for secret data.
+
+The bootloader is allowed to replace any data in the application segment. When the application is first written to,
+a mass erase of the application segment is triggered and a flag in the data segment is set indicating the application
+is not safe to boot.
+
+In order to boot the application, a valid signature must be provided to the bootloader. The bootloader will verify the
+signature using a public key stored in the bootloader section, and the data in the application section. If the signature
+is valid, the boot flag in the data section will be changed to allow boot.
+
+We are working to make the signature checking process redundantly to make glitching attacks more difficult. Also random delays
+between redundant checks.
From a75d272f4a92c7d591ccfcd35a6e2567c3aa2696 Mon Sep 17 00:00:00 2001
From: Conor Patrick Date: Wed, 23 Jan 2019 19:53:58 -0500 Subject: [PATCH 24/44] move files, not yet implemented masked aes --- docs/fido2-impl.md | 2 ++ docs/signed-updates.md | 26 -------------------------- docs/solo/fido2-impl.md | 4 +++- docs/solo/signed-updates.md | 4 ++-- 4 files changed, 7 insertions(+), 29 deletions(-) delete mode 100644 docs/signed-updates.md diff --git a/docs/fido2-impl.md b/docs/fido2-impl.md index 2bd5866..a5c8ba4 100644 --- a/docs/fido2-impl.md +++ b/docs/fido2-impl.md @@ -57,6 +57,8 @@ keys which are then used for FIDO2/U2F. --> ## Key derivation +** Planned, but not yet implemented. ** + Master secret `M` consists of 64 bytes, split into equal parts `M1` and `M2`. In theory, we should only need 32 bytes to achieve 256 security, but we also plan to have side channel security hence the added bytes. diff --git a/docs/signed-updates.md b/docs/signed-updates.md deleted file mode 100644 index 39eae90..0000000 --- a/docs/signed-updates.md +++ /dev/null 
@@ -1,26 +0,0 @@
-
-Solo has a bootloader that's fixed in memory to allow for signed firmware updates. It is not a built-in bootloader provided by the chip
-manufacturer, it is our own. We plan to use Ed25519 signatures, which have [efficient constant-time implementations on Cortex-M4 chips](http://www.cs.haifa.ac.il/~orrd/LC17/paper39.pdf).
-
-On the STM32L432, there is 256 KB of memory. The first 14 KB of memory is reserved for the bootloader.
-The bootloader is the first thing that boots, and if the button of the device is not held for 2 seconds, the
-application is immediately booted.
-
-Consider the following memory layout of the device.
-
-| 14 KB | 226 KB | 16KB |
-|---|---|---|
-| --boot-- | -------application------- | --data-- |
-
-Our bootloader resides at address 0, followed by the application, and then the final 16 KB allocated for secret data.
-
-The bootloader is allowed to replace any data in the application segment. When the application is first written to,
-a mass erase of the application segment is triggered and a flag in the data segment is set indicating the application
-is not safe to boot.
-
-In order to boot the application, a valid signature must be provided to the bootloader. The bootloader will verify the
-signature using a public key stored in the bootloader section, and the data in the application section. If the signature
-is valid, the boot flag in the data section will be changed to allow boot.
-
-We are working to make the signature checking process redundantly to make glitching attacks more difficult. Also random delays
-between redundant checks.
diff --git a/docs/solo/fido2-impl.md b/docs/solo/fido2-impl.md
index d0d5890..2bd5866 100644
--- a/docs/solo/fido2-impl.md
+++ b/docs/solo/fido2-impl.md
@@ -15,13 +15,15 @@ A master secret, `M`, is generated at initialization. This is only used for all key generation and derivation in FIDO2. Solo uses a key wrapping method for FIDO2 operation. +** NOTE: The masked implementation of AES is planned, but not yet implemented. Currently it is normal AES. ** + ## Key wrapping When you register a service with a FIDO2 or U2F authenticator, the authenticator must generate a new keypair unique to that service. This keypair could be stored on the authenticator to be used in subsequent authentications, but now a certain amount of memory needs to be allocated for this. On embedded -devices, there isn't much memory to spare and users will always frustratingly +devices, there isn't much memory to spare and users will allows frustratingly hit the limit of this memory. The answer to this problem is to do key wrapping. The authenticator just diff --git a/docs/solo/signed-updates.md b/docs/solo/signed-updates.md index 86dba1d..39eae90 100644 --- a/docs/solo/signed-updates.md +++ b/docs/solo/signed-updates.md @@ -22,5 +22,5 @@ In order to boot the application, a valid signature must be provided to the boot signature using a public key stored in the bootloader section, and the data in the application section. If the signature is valid, the boot flag in the data section will be changed to allow boot. -Signature checks and checks to the data section boot flag are made redundantly to make glitching attacks more difficult. Random delays -between redundant checks are also made. +We are working to make the signature checking process redundantly to make glitching attacks more difficult. Also random delays +between redundant checks. From ff4cb32bc35442d46b1b899e97858e87a880f427 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 26 Jan 2019 17:15:40 -0500 Subject: [PATCH 25/44] Update solotool.py --- tools/solotool.py | 9 +++++++++ 1 file changed, 9 insertions(+) 
diff --git a/tools/solotool.py b/tools/solotool.py index 00a21c8..a511e50 100755 --- a/tools/solotool.py +++ b/tools/solotool.py @@ -35,6 +35,7 @@ from fido2.hid import CtapHidDevice, CTAPHID from fido2.client import Fido2Client, ClientError from fido2.ctap import CtapError from fido2.ctap1 import CTAP1, ApduError +from fido2.ctap2 import CTAP2 from fido2.utils import Timeout import usb.core @@ -145,6 +146,7 @@ class SoloClient: raise RuntimeError('No FIDO device found') self.dev = dev self.ctap1 = CTAP1(dev) + self.ctap2 = CTAP2(dev) if self.exchange == self.exchange_hid: self.send_data_hid(CTAPHID.INIT, '\x11\x11\x11\x11\x11\x11\x11\x11') @@ -222,6 +224,9 @@ class SoloClient: def wink(self,): self.send_data_hid(CTAPHID.WINK, b'') + def reset(self,): + self.ctap2.reset() + def enter_solo_bootloader(self,): """ If solo is configured as solo hacker or something similar, @@ -560,11 +565,15 @@ def solo_main(): help='Continuously dump random numbers generated from Solo.', ) parser.add_argument("--wink", action="store_true", help='HID Wink command.') + parser.add_argument("--reset", action="store_true", help='Issue a FIDO2 reset command. Warning: your credentials will be lost.') args = parser.parse_args() p = SoloClient() p.find_device() + if args.reset: + p.reset() + if args.rng: while True: r = p.get_rng(255) From 7a6abdfd0c47233d9545bc2ad7fd27913588b97b Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 26 Jan 2019 18:06:01 -0500 Subject: [PATCH 26/44] add command to verify SoloKeys attestation cert --- tools/solotool.py | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/tools/solotool.py b/tools/solotool.py index a511e50..25ba996 100755 --- a/tools/solotool.py +++ b/tools/solotool.py 
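Review bot: In the `solo_main` hunk, `--reset` calls `p.reset()` as soon as the flag is parsed, with no confirmation, even though the help text itself warns that credentials will be lost. A mistyped or scripted invocation therefore erases the key unless the device asks for a touch, which this hunk does not show. A guard such as `if args.reset and input('This erases all credentials. Type "yes" to continue: ') == 'yes':` in front of `p.reset()` would make the destructive path deliberate. The branch also has no `sys.exit(0)`, so execution falls through to the `args.rng` check that follows. `solo_main` begins and ends outside the hunk.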
@@ -31,6 +31,10 @@ import tempfile from binascii import hexlify, unhexlify from hashlib import sha256 +from cryptography import x509 +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.backends import default_backend + from fido2.hid import CtapHidDevice, CTAPHID from fido2.client import Fido2Client, ClientError from fido2.ctap import CtapError @@ -120,6 +124,7 @@ class SoloBootloader: class SoloClient: def __init__(self,): self.origin = 'https://example.org' + self.host = 'example.org' self.exchange = self.exchange_hid self.do_reboot = True @@ -147,6 +152,7 @@ class SoloClient: self.dev = dev self.ctap1 = CTAP1(dev) self.ctap2 = CTAP2(dev) + self.client = Fido2Client(dev, self.origin) if self.exchange == self.exchange_hid: self.send_data_hid(CTAPHID.INIT, '\x11\x11\x11\x11\x11\x11\x11\x11') @@ -227,6 +233,21 @@ class SoloClient: def reset(self,): self.ctap2.reset() + def make_credential(self,): + rp = {'id': self.host, 'name': 'example site'} + user = {'id': b'abcdef', 'name': 'example user'} + challenge = 'Y2hhbGxlbmdl' + attest, data = self.client.make_credential( + rp, user, challenge, exclude_list=[] + ) + attest.verify(data.hash) + print('Register valid') + x5c = attest.att_statement['x5c'][0] + cert = x509.load_der_x509_certificate(x5c, default_backend()) + + return cert + + def enter_solo_bootloader(self,): """ If solo is configured as solo hacker or something similar, @@ -566,6 +587,7 @@ def solo_main(): ) parser.add_argument("--wink", action="store_true", help='HID Wink command.') parser.add_argument("--reset", action="store_true", help='Issue a FIDO2 reset command. Warning: your credentials will be lost.') + parser.add_argument("--verify-solo", action="store_true", help='Verify that the Solo firmware is from SoloKeys.') args = parser.parse_args() p = SoloClient() 
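Review bot: `make_credential` sends the constant `challenge = 'Y2hhbGxlbmdl'` on every run, so the signature checked by `attest.verify(data.hash)` is not bound to anything fresh and a previously recorded response would verify equally well. For a check that should show the key holds the attestation private key, generate the challenge per call, for example `challenge = secrets.token_urlsafe(32)` (the `secrets` import is not among those visible in this patch). Separately, `attest.att_statement['x5c'][0]` raises a bare `KeyError` when the authenticator returns an attestation without a certificate chain. An explicit check with a message like 'no attestation certificate returned' would be clearer to the user.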
@@ -584,6 +606,15 @@ def solo_main(): p.wink() sys.exit(0) + if args.verify_solo: + cert = p.make_credential() + solo_fingerprint = b'r\xd5\x831&\xac\xfc\xe9\xa8\xe8&`\x18\xe6AI4\xc8\xbeJ\xb8h_\x91\xb0\x99!\x13\xbb\xd42\x95' + + if (cert.fingerprint(hashes.SHA256()) == solo_fingerprint): + print('Valid firmware from SoloKeys') + else: + print('This is either a Solo Hacker or a invalid Solo.') + def asked_for_help(): for i, v in enumerate(sys.argv): From 1ffe85f08310d904a6e1a8413b14134adbed73ae Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sun, 27 Jan 2019 11:18:50 -0500 Subject: [PATCH 27/44] update attestation verification --- tools/solotool.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tools/solotool.py b/tools/solotool.py index 25ba996..5148b50 100755 --- a/tools/solotool.py +++ b/tools/solotool.py @@ -41,6 +41,7 @@ from fido2.ctap import CtapError from fido2.ctap1 import CTAP1, ApduError from fido2.ctap2 import CTAP2 from fido2.utils import Timeout +from fido2.attestation import Attestation import usb.core import usb.util @@ -240,7 +241,15 @@ class SoloClient: attest, data = self.client.make_credential( rp, user, challenge, exclude_list=[] ) - attest.verify(data.hash) + try: + attest.verify(data.hash) + except AttributeError: + verifier = Attestation.for_type(attest.fmt) + verifier().verify( + attest.att_statement, + attest.auth_data, + data.hash + ) print('Register valid') x5c = attest.att_statement['x5c'][0] cert = x509.load_der_x509_certificate(x5c, default_backend()) From 91066292ae9f5b825186266f4d4bee81d2b7b5df Mon Sep 17 00:00:00 2001 From: Nicolas Stalder Date: Sun, 27 Jan 2019 19:57:48 +0100 Subject: [PATCH 28/44] move fido2-impl.md --- docs/fido2-impl.md | 86 ----------------------------------------- docs/solo/fido2-impl.md | 2 + 2 files changed, 2 insertions(+), 86 deletions(-) delete mode 100644 docs/fido2-impl.md 
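Review bot: The `--verify-solo` branch prints its verdict but exits with status 0 in both cases, so a script cannot tell a genuine key from the 'Solo Hacker or a invalid Solo' result; ending the `else` branch with `sys.exit(1)` makes the outcome machine-checkable. The comparison shows that the device presented the pinned attestation certificate, so the message 'Valid firmware from SoloKeys' may claim more than is checked, since the firmware image itself is not inspected here. The fingerprint is pinned as an escaped bytes literal, which is hard to compare with a published value; a hex string with a comment naming the certificate would be easier to audit. `solo_main` continues outside the hunk.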
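Review bot: The `try`/`except AttributeError` added around `attest.verify(data.hash)` in `make_credential` appears to be there to detect a library version without that method, but it also catches an `AttributeError` raised inside a real `verify`. Such an error would then be hidden and verification silently re-run through the fallback path. Branching on `if hasattr(attest, 'verify'):` and moving the `Attestation.for_type(attest.fmt)` call into the `else` keeps the two cases apart. A short comment naming which fido2 versions need the fallback would help, since the hunk does not say. `make_credential` starts outside this hunk.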
diff --git a/docs/fido2-impl.md b/docs/fido2-impl.md deleted file mode 100644 index a5c8ba4..0000000 --- a/docs/fido2-impl.md +++ /dev/null 
@@ -1,86 +0,0 @@ -This page aims to document the security related aspects of the FIDO2 -implementation on Solo. This is to make it easier for public review and -comments. - -# Key generation - -Solo aims to achieve 256 bit (32 byte) security with its FIDO2 implementation, -even in light of physical side channels. - -When Solo is first programmed, it will be "uninitialized," meaning it won't -have any secret material, until the first time it boots, then it will leverage -the TRNG to generate all necessary material. This only happens once. - -A master secret, `M`, is generated at initialization. This is only used for -all key generation and derivation in FIDO2. Solo uses a key wrapping method -for FIDO2 operation. - -** NOTE: The masked implementation of AES is planned, but not yet implemented. Currently it is normal AES. ** - -## Key wrapping - -When you register a service with a FIDO2 or U2F authenticator, the -authenticator must generate a new keypair unique to that service. This keypair -could be stored on the authenticator to be used in subsequent authentications, -but now a certain amount of memory needs to be allocated for this. On embedded -devices, there isn't much memory to spare and users will allows frustratingly -hit the limit of this memory. - -The answer to this problem is to do key wrapping. The authenticator just -stores `M` and uses `M` and the TRNG to generate new keys and derive previous -keys on the fly. A random number, `R`, is generated, and is placed in the -FIDO2/U2F `KEYID` parameter. The service stores `KEYID` after registering a -key and will issue it back to the authenticator for subsequent authentications. - -In essence, the following happens at registration. - -1. Generate `R`, calculate private key, `K`, using `HMAC(M,R)` -2. Derive public key, `P`, from `K` -3. Return `P` and `R` to service. (`R` is in `KEYID` parameter) -4. Service stores `P` and `R`. - -Now on authenication. - -1. 
Service issues authentication request with `R` in `KEYID` parameter. -2. \* Authenticator generates `K` by calculating `HMAC(M,R)`. -3. Proceed normally as if `K` was loaded from storage memory. - - - - -## Key derivation - -** Planned, but not yet implemented. ** - -Master secret `M` consists of 64 bytes, split into equal parts `M1` and `M2`. -In theory, we should only need 32 bytes to achieve 256 security, but we also -plan to have side channel security hence the added bytes. - -Our HMAC currently is a two step process. First, just generate a normal -`SHA256-HMAC`. - -1. `tmp = SHA256_HMAC(M1, R)` - -We could proceed using `tmp` as our secret key, `K`. But our `SHA256-HMAC` -implementation isn't side channel resistant and we won't bother trying to add -side channel resistance. So we add an additional stage that is side channel -resistant. - -2. `K = aes256_masked(M2, tmp)` - -We add a masked AES encryption to provide side channel resistance. Masked AES -is well studied and relatively easy to implement. An adversary may be able to -recover `M1` via SCA but not `M2`. - - - -* There are other details I leave out. There's also an authentication tag -in the `KEYID` parameter to ensure this is a key generated by the Solo -key. diff --git a/docs/solo/fido2-impl.md b/docs/solo/fido2-impl.md index 2bd5866..a5c8ba4 100644 --- a/docs/solo/fido2-impl.md +++ b/docs/solo/fido2-impl.md @@ -57,6 +57,8 @@ keys which are then used for FIDO2/U2F. --> ## Key derivation +** Planned, but not yet implemented. ** + Master secret `M` consists of 64 bytes, split into equal parts `M1` and `M2`. In theory, we should only need 32 bytes to achieve 256 security, but we also plan to have side channel security hence the added bytes. From 37f1790028032a8a7ecf1eba552ef14fb075e306 Mon Sep 17 00:00:00 2001 
From: Nicolas Stalder Date: Sun, 27 Jan 2019 20:08:15 +0100 Subject: [PATCH 29/44] Add metadata statements and include in documentation --- docs/solo/metadata-statements.md | 12 ++++++ metadata/solo-FIDO2-CTAP2-Authenticator.json | 39 ++++++++++++++++++++ metadata/solo-FIDO2-U2F-Authenticator.json | 37 +++++++++++++++++++ mkdocs.yml | 4 ++ 4 files changed, 92 insertions(+) create mode 100644 docs/solo/metadata-statements.md create mode 100644 metadata/solo-FIDO2-CTAP2-Authenticator.json create mode 100644 metadata/solo-FIDO2-U2F-Authenticator.json diff --git a/docs/solo/metadata-statements.md b/docs/solo/metadata-statements.md new file mode 100644 index 0000000..3aea488 --- /dev/null +++ b/docs/solo/metadata-statements.md @@ -0,0 +1,12 @@ +For information on what this is, see the [spec](https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-metadata-statement-v2.0-rd-20180702.html#fido2-example). +## CTAP2 + +``` +{!metadata/solo-FIDO2-CTAP2-Authenticator.json!} +``` + +## U2F + +``` +{!metadata/solo-FIDO2-U2F-Authenticator.json!} +``` diff --git a/metadata/solo-FIDO2-CTAP2-Authenticator.json b/metadata/solo-FIDO2-CTAP2-Authenticator.json new file mode 100644 index 0000000..9f35933 --- /dev/null +++ b/metadata/solo-FIDO2-CTAP2-Authenticator.json 
@@ -0,0 +1,39 @@ +{ + "description": "Solo Secp256R1 FIDO2 CTAP2 Authenticator", + "aaguid": "8876631b-d4a0-427f-5773-0ec71c9e0279", + "alternativeDescriptions": { + }, + "protocolFamily": "fido2", + "authenticatorVersion": 2, + "upv": [ + { + "major": 1, + "minor": 0 + } + ], + "assertionScheme": "FIDOV2", + "authenticationAlgorithm": 1, + "publicKeyAlgAndEncoding": 260, + "attestationTypes": [ + 15879, + 15880 + ], + "userVerificationDetails": [ + [ + { + "userVerification": 4 + } + ] + ], + "keyProtection": 2, + "matcherProtection": 4, + "cryptoStrength": 128, + "attachmentHint": 2, + "isSecondFactorOnly": false, + "tcDisplay": 0, + "attestationRootCertificates": [ +"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" + ], + "icon": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAALQAAAC0CAMAAAAKE/YAAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAC+lBMVEX////w8PDX19e+vb2lpKSko6O/vr7a2dn19PX6+vq7urp6eHhfXFxGQkMsKSojHyAzLzBNSktoZWaKiIjS0dLY19iDgYH8+/zZ2Nl4dncxLS6XlZW6ubn4+Pjo5+d4dXYlISI5NTaurK3+/v64t7csKClZVlfv7++joaHk5OQ5Njfr6+vg3+BlYmJWU1SopqfHxsYmIyM9OTpST1A/PD04NDV8eXrW1dX8/Pze3t6HhYUtKiq8ursvKyzj4+Pv7u5fXF1nZGXR0NEnIyTh4OD09PQrJyhaV1jm5uZ+fH1EQEHFxMTKycq3tbaioKGNi4y2tLXu7e7GxcWxsLCenJyRj5CmpaXQz8+Rj48/OzzEw8SWlJRVUlMmIiNTUFGUkpP9/f3Ix8eIhoZHREVkYWKkoqKenZ3U09NhXl/T0tJKR0d7eXkkICGCgIBsampraWnV1NQqJidraGnl5eW0s7NXVFTs7OxFQUL29vY+Ojt2c3QoJCVcWVqamJnMy8vNzMybmZo6Nzjn5uc3MzTp6elYVVX7+/tmZGRiX2DOzc1STk+Vk5OPjY3q6uo0MTFta2uBf39MSUqGhIVeW1vLysuwr6+qqKi3trY1MTLy8vLj4uJbWFnKyclCPz8pJSaqqalIRUbc3Nysq6uysbGzsrJ1cnPf3t8zMDEuKiuZl5ihn6Ccmpr29fXJyMhPTE2LiIn39/ddWls8ODlzcXFycHCAfn5UUVKXlpZLR0h0cnJYVVa5uLhDQECQjo6fnZ5JRkZxbm9jYGEwLC1MSEllY2Pz8/NBPj9RTk7b2trDwsJQTU2pp6hwbW5OS0yLiYpgXV7Pzs75+flqZ2gyLi87ODjCwcGdm5uJh4erqqpAPT6npabQ0NCEgYJ+e3zx8fGtrKzAv79yb3CFg4SSkJFua2y1s7S9u7ywrq/DwsOMiouEgoPc29uYlpe9vL19envt7e3d3d02MjOvra7p6Oignp9pZmd3dHXBwMDi4eFGQ0R/fX6OjIxvbG3W1tac12V4AAAAAWJLR0QAiAUdSAAAAAd0SU1FB+IJGhc6HI0t8mAAAA2TSURBVHja7Vx5fBRFFi7CHUka
RAy3wUC4xJAAS7jCEQgokVPkTBiyikCGy4UVCUHOoIaQcCcYgsgpyxFAETcCIgRw5UgMuAroxgtWFPBYV113f7/N1OueetVd3TM1ESZ/9PdPpt5R/aW7uvpV1asixIYNGzZs2LBhw4YNGzZs2LBhw4YNGzZsSKNSQOUqVatVr+FvHl6iZuA9tYKCFRW169xb9z5fq6p3P0PIHaRcv0FDxYCgRr7d8caojiZ3jHLTB0IVIZo9GFZRSTdvoZgivGXFJN0qVLFAUOuKSLqKYo02bSse6YdaeCCttKtwpMMe9sRZUSIqGun2OoKRUR06RupknSQ72ztO+gHMLvgPnaPLZCFdunbjWHevWKSb9EAXiIpxy3v2wqR7VyzSfVD9sX2Rol8dpImT+8TcadKBqP7+nKYevtUDKhTpqqj+R3jVo0g10OjZMv6xQYMHDxoSP1SS9IBhwx+vO+KJwJE+/z+jUP2jeVVEb4YxOreAseMSNLfQxPGdvSXtmJD0R9bonnxK7glqmIgbwWNeOj09Sd+T15rsFenuU/QdbHJTH0g3x1U4p3rzxNpOcyoGOKejj70J6RmJRj9lZlJNadJ9+CoaPhPxJw8enaMUIaJYGxGTnmUSL8z+syzpGsaanp1abY65Q+NgxQTBjS1JDzbzU56rL8t6rqialHmp9cTm82NNr62kPG9BeoG5n7JQNo6cb1ZTmweGVDJYL1pscW2l2RJT0gMTrByXpkmyXmZeV8ILL/K2jpewuluv9OXhM7FkdpgJ6YwV2KxT5uNZK7mRxypJ0pVMXizA6jXYdi3SRK6jsV/NVNyXrDch/QiSZMOdyJmOZLEbJFnft0Kxwsu5bsuQjUycF6hJN6En/4pDSHoDehMWblb9ohsgs7mSpEnrlZaslfGa4atIuIX54w/UViHpbegBbWeO9zJxwkOyrOeM2GHJOtkBdihcjYpG7mjKpLeIdNpOVs5E130R2b0mS7rsurtGW7H+CzXancckjbD3KibfmSYgvQeVuXdkL5Ovlidd1l6HWzSSvOouk+7oaXJfsb7IdI+A9D5WnMJddB26RL4vrAmJiZhe24T1fpc+iZUP8J7o8acLSM9mxYOc3wxkON830mVw9El/eaaAtNMVQ77Oyom8WxDTvCEgjTqdfZzfUGS43mfSLjRpv/yQIY57s0xRixWf4V32M800AWn0IAbxjnFM81S5SLvQOj2IJ+0aih1mxam8+VtM81cj6XxULOAd32aaI+UmXYajXGj0Nt8Iknjbe/iGoyOdg4rVeMdjZg3HV8zHjbtFmSCcFd/hTY8zTW8jaYK6St1k1btMM9FbXtF1TjDs0WtP4ltdSEgm3wgQUMNJFpBG0Q3fCPohwy3EWyxEXll65SakdJYNirJY8RRviT6oywWkT7NiA87vDDIc5jXppciro145HCk7ES704D8FLZFhgYB0Misu5a5QgO7KUOIt0GuvKO/plKhfVv5WVm6LOsJN2DCVyWMLBaRR2dkFO6J3Ya/XnMn7mHTD6pwuBn8ezxL+MZ9Dhg4Ut4QTAel+qCPKQo590V047z3pHO7zF4Wjmc6dsIoOWhshARrTYI4TRaTJBVbuUcgc70d2Rd6Txj2CC3Ve3VDsEs8p+CAPy2vTyYmcEia5eEarogg9kezdQtJ4IDo7R3OsgkZc8yQ4k1zFgBWHn31XL1Mf6lgk2jESZJfwnMKHREgaN15lpRohjscXkAuXkhUvsFhdl6uBm0xk4t8rN7//HB6gXsw3IT0DD8Z3TmrU/qO5H+MLPCnFmfSzHNeqcE/yxcdamaUUERPS5EPL+i/KTjKNLFE8AX0RqlrZXSampMlZC7+8K5KcCanfxgPnq3gdIMnczh1FiUjP6W/+gLZKcy7rkM9ZUY5sxFtHmLSQWBYLCefy0j4xuUD2Gq+ZYjgisk05jwvQW+ceENkdYNMjZlO9T+wUOXaQX8ZW8ekR8Wj83D8ES0TFuzrp7RYfLUYGZpPqPZMMc7RTGnui
ZoWw+OTndBWeWmU2B5t/+SS6fNyTVXZz6pFo4YOfWsx4cynq/LIPNvYlM4NHy4EL7smc9PCUOv17bxtV2tPStvhS6qrP9u//7PPUUrkFn0pDxmZlhk+au+/oSEe5GduwYcOGDRs2bNiwYcNGhcXlcBe+MNFuodrw/r6vTN4R1KVDzC/Fyq3qKHSXv1lKkP5K5dzK3yQlSK+HPGpnVX9zlCBdoHJ+wt8UJUgHwpyd831/M5QgfQ04h27yoU5/ka6cApxf9Tc/CdKlsEwU+qC/6UmQvgScE677m50E6X/C6mLCcH+TkyA9EPJdEnxZVfAX6fbAOfIrf1OTIL0HpssjTXPtw9YkTR83us3edslr0ZIxcTRxQZyeW0x1rDxg2Lqvz447njXxWvX834N0LizAxjY3sc+4gXJE8k6yHQ7fUEmUQ+CziC6QulPy4lEGlxJ8vhKRho70Gtj/FGuyFBJ9FO9AcuF1d54G5I6MEXh9i0PFCeG6GhqO3U0kwZN+HjinmGzWytirGLBDi7UhT/kdgRvdJRL3Kf1dWbBjM0p2wZYjXQSLZik3xbYxp7RmcfpW0oVmamGnmkVRTJOC4nIMbpOpGeQ+dlFzBfLerrWt3WEts3ZeNJECJj0Snn1eNbHpBmjNoec7w+t2+zokTfSYAfrPackYFEJaR7zrZyGkyY2+rO4TubIM8lS+9pl0H7gLeaViy+hDVL0QZZU1nUdFh2G/4ne00EHvF/K9SxxEf/9ATWajPmYPDcyc7xEZMNKT1YeVMkNsOYJqe3ErdQ5wh1RlAsvf3+j8biITetNLfsTqf1F1JpGBm/TT7myER4Vv8xk6Jvj+U91tpC9Ztwxa2ErdddmRZBq9E9DJ0L2xP/H6Di5ZbYcvpDujpJ5tIsN/U9UPevF7VAyL/jXpErtucyukScFL46AfgRF8DV/QGqSyJ1TSAVyCvSBSWkID7HCjop1LvhF+Q14F3/dEUBnsDQyh/d1ZvgJIsh9PJACkz8EOjLyxMC7c2ddgd8TsflyiCshBeIj2BR9weprxfUpdA6fd5Pf8gnjIVhekZlbqohuc97OWWnXaEEPQbTklDmMFbXFDponUsTiZ8Rcnaz6EQAc0VbJbtiLt6usc0IkZ3qZCOgUi3CC8GLWbIdT5KNLSFhuZoZbUHVzHq5NygZGGb8oSyFfRd5zXqPRxUQ10I0k3eAZp9D84gbQbuf4iQ8v2O5Z+RXa/loh0SmUQVINv1GI+HoDkx0ttBbhFVeq920cLM9x+z9NyqbuMDl6YOW5Vwe3ykdY4E3IDBBe41+Wq4gEqL2jCWW4/+h/hePVz3u3X5OvWeSVWpFGMVFPNw1qAzT7zRFobm9HGskPbglpcYuiYtzTTebb4pAuRBJBOuYZE29WYGp9Zc8ETaS1Ogk272rBnvauQsIi7YtqspTpf57IAIgUgzX/6IaxRTvVjopOeSGt7r0LojTyuluhmR2NOZkBSIp8oF3yNyEA473EQqnqdSeiu1tCYDFO445XB9ObCHtChlFqg6Lr5E8b3QqdEJLxIJCAkXUPdA8QmmGBPmTeHHLWmn+pv6e9Brp/NTA/aCLmSWkvL++4oM+YST4tNhqm8bu7Ng/BV8Op0khdclhA+09R26wD/l6QS/Q3ylbSWhXtO6wbW0OIn3tQIZ0K4opTt9C3ztBN1M6QmymQjm5AOewFY31DLNekMTqI3NUbTUdlVoqZ11/LosJm2/B3lJ01uQ3fqLFXLNCZJEd21WRPLgIeVNCBs4yCEnnwwhCn+434GPGCMX0y8hulKwEAY62ersQ4kTk8z2v1Io1m8XjCABlcTYPomGx11QN9L5TdDFZDvK5Eoa77mch4ayGr4nM+B98WYNvwb/ar1wyI6LkiGQWVXJB9DqzhhqAICB4k4xJx0CAS/dCui2/C0PqN1Nx1rv8XJ6FC2dtqvrj/4E53fTXxL6RcyViJX1mJJLgamFCJhm0UGDMh0HVga7HCewAkdNMOaTobx4zPY
o3RIdz7EADrlecx7zpaLn0PUfh8mR9Ws6Kv4W+H4ksp+1d0lGvnTlr2Wk6v7XY5zn5ti2KiU/juR1jZH/hdK6u6SY+7bGrb+BJWs2K7za6olSZfo0pTVMy7mXWL/5ZqXqWimp3NFvCadrx4wA+tyxdpZDx933TLhfz9XqfsKFOOKDI69VUvdtlbSU9ugsnH8V/F9lxRtfVM7JSxVgrM1aVIPVl+Cv6OlEOG+j1BBQFSq6gyp7n1NtnoskxrrWpPW9rWshJ7fMSLOcLk2swRu6sa5Q0bNdtHBNUoDufG5B9LkJ/45t57GX23Hgnyh21Sq/Uj0/7TSH2ySkCl7ROZNeiameYhV6QY1uOqey9ic7j7Aq8WxI4Umbs+69D3EZ9+kFSz7mB0UV/KG7NkevmFR7qyjozblNjX/HEBQeMu8iuiY9pt+67qre0AOqTCAru1pf9OQwo+003nJ3zTkAEfUBJa/oruIXBrVHy7/bqG7gdu06wq7CVFsBV6mxihSNl546yd13S7I4W863pJmiJPfzel30k5vz97zOxjpFK8PvvA7fkmEODr0YEz5K7t7KLwypvnALvn+pmHDhg0bNmzYsGHDhg0bdw//B2ZHIJ6Dm6T8AAAAJXRFWHRkYXRlOmNyZWF0ZQAyMDE4LTA5LTI2VDIzOjU4OjI4KzAyOjAwfzPYdQAAACV0RVh0ZGF0ZTptb2RpZnkAMjAxOC0wOS0yNlQyMzo1ODoyOCswMjowMA5uYMkAAABXelRYdFJhdyBwcm9maWxlIHR5cGUgaXB0YwAAeJzj8gwIcVYoKMpPy8xJ5VIAAyMLLmMLEyMTS5MUAxMgRIA0w2QDI7NUIMvY1MjEzMQcxAfLgEigSi4A6hcRdPJCNZUAAAAASUVORK5CYII=" + +} diff --git a/metadata/solo-FIDO2-U2F-Authenticator.json b/metadata/solo-FIDO2-U2F-Authenticator.json new file mode 100644 index 0000000..71a711f --- /dev/null +++ b/metadata/solo-FIDO2-U2F-Authenticator.json 
@@ -0,0 +1,37 @@ +{ + "description": "Solo Secp256R1 U2F Authenticator", + "attestationCertificateKeyIdentifiers": ["3be6d2c06ff2e7b07c9d9e28c020b00d07c815c8"], + "alternativeDescriptions": { + }, + "protocolFamily": "u2f", + "authenticatorVersion": 2, + "upv": [ + { + "major": 1, + "minor": 2 + } + ], + "assertionScheme": "U2FV1BIN", + "authenticationAlgorithm": 1, + "publicKeyAlgAndEncoding": 256, + "attestationTypes": [ + 15879 + ], + "userVerificationDetails": [ + [ + { + "userVerification": 1 + } + ] + ], + "keyProtection": 2, + "matcherProtection": 4, + "cryptoStrength": 128, + "attachmentHint": 2, + "isSecondFactorOnly": true, + "tcDisplay": 0, + "attestationRootCertificates": [ +"MIIB9DCCAZoCCQDER2OSj/S+jDAKBggqhkjOPQQDAjCBgDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE1hcnlsYW5kMRIwEAYDVQQKDAlTb2xvIEtleXMxEDAOBgNVBAsMB1Jvb3QgQ0ExFTATBgNVBAMMDHNvbG9rZXlzLmNvbTEhMB8GCSqGSIb3DQEJARYSaGVsbG9Ac29sb2tleXMuY29tMCAXDTE4MTExMTEyNTE0MloYDzIwNjgxMDI5MTI1MTQyWjCBgDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE1hcnlsYW5kMRIwEAYDVQQKDAlTb2xvIEtleXMxEDAOBgNVBAsMB1Jvb3QgQ0ExFTATBgNVBAMMDHNvbG9rZXlzLmNvbTEhMB8GCSqGSIb3DQEJARYSaGVsbG9Ac29sb2tleXMuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWHAN0CCJVZdMs0oktZ5m93uxmB1iyq8ELRLtqVFLSOiHQEab56qRTB/QzrpGAY++Y2mw+vRuQMNhBiU0KzwjBjAKBggqhkjOPQQDAgNIADBFAiEAz9SlrAXIlEu87vra54rICPs+4b0qhp3PdzcTg7rvnP0CIGjxzlteQQx+jQGd7rwSZuE5RWUPVygYhUstQO9zNUOs" + ], + "icon": "data:image/png;base64,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" +} diff --git a/mkdocs.yml b/mkdocs.yml index 2d69cbc..b140e92 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -9,6 +9,7 @@ copyright: 'Copyright © 2018 - 2019 SoloKeys' nav: - Home: solo/index.md - FIDO2 Implementation: solo/fido2-impl.md + - Metadata Statements: solo/metadata-statements.md - Build instructions: solo/building.md - Signed update process: solo/signed-updates.md - Code documentation: solo/code-overview.md 
@@ -21,3 +22,6 @@ theme: name: material logo: 'solo/images/logo.svg' favicon: 'solo/images/favicon.ico' + +markdown_extensions: + - markdown_include.include From 4c36a752cb53e08a5a1202d99dc944c797de56b5 Mon Sep 17 00:00:00 2001 From: Paolo Smiraglia Date: Wed, 30 Jan 2019 21:55:52 +0100 Subject: [PATCH 30/44] Fix vendor and product id --- docs/solo/udev.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/solo/udev.md b/docs/solo/udev.md index eb0dee4..6bac736 100644 --- a/docs/solo/udev.md +++ b/docs/solo/udev.md @@ -65,8 +65,8 @@ udevadm trigger ## What about vendor and product ID for Solo? | Key | Vendor ID | Product ID | | --- | --- | --- | -| Solo | 10c4 | 8acf | -| U2F Zero | 0483 | a2ca | +| Solo | 0483 | a2ca | +| U2F Zero | 10c4 | 8acf | ## You got this all wrong, I can't believe it! Are you suffering from [us being wrong](https://xkcd.com/386/)? Please, send us a [pull request](https://github.com/solokeys/solo/pulls) and prove us wrong :D From c3bddee814da45c90e4f15b69f0548978e45cbbb Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 2 Feb 2019 00:21:26 -0500 Subject: [PATCH 31/44] dont do this when powered by nfc --- targets/stm32l432/src/ams.c | 131 ++++++++++++++++++------------------ 1 file changed, 67 insertions(+), 64 deletions(-) diff --git a/targets/stm32l432/src/ams.c b/targets/stm32l432/src/ams.c index a342513..d52da58 100644 --- a/targets/stm32l432/src/ams.c +++ b/targets/stm32l432/src/ams.c 
@@ -265,83 +265,86 @@ bool ams_init() LL_SPI_SetRxFIFOThreshold(SPI1,LL_SPI_RX_FIFO_TH_QUARTER); LL_SPI_Enable(SPI1); - delay(10); + // delay(10); SELECT(); - delay(10); + // delay(10); - - ams_write_command(AMS_CMD_DEFAULT); - ams_write_command(AMS_CMD_CLEAR_BUFFER); - - // check connection - uint8_t productType = ams_read_reg(AMS_REG_PRODUCT_TYPE); - if (!productType) - { - printf1(TAG_NFC,"Have no product type. Connection error."); - return false; - } - printf1(TAG_NFC,"Product type 0x%02x.", productType); - - // enable tunneling mode and RF configuration - ams_write_reg(AMS_REG_IC_CONF2, AMS_RFCFG_EN | AMS_TUN_MOD); - - ams_read_eeprom_block(AMS_CONFIG_UID_ADDR, block); - printf1(TAG_NFC,"UID: "); dump_hex1(TAG_NFC,block,4); - - ams_read_eeprom_block(AMS_CONFIG_BLOCK0_ADDR, block); - printf1(TAG_NFC,"conf0: "); dump_hex1(TAG_NFC,block,4); - - uint8_t sense1 = 0x44; - uint8_t sense2 = 0x00; - uint8_t selr = 0x20; // SAK - - if(block[0] != sense1 || block[1] != sense2 || block[2] != selr) + // + if (1) { - printf1(TAG_NFC,"Writing config block 0\r\n"); - block[0] = sense1; - block[1] = sense2; - block[2] = selr; - block[3] = 0x00; + ams_write_command(AMS_CMD_DEFAULT); + ams_write_command(AMS_CMD_CLEAR_BUFFER); - ams_write_eeprom_block(AMS_CONFIG_BLOCK0_ADDR, block); - UNSELECT(); - delay(10); - SELECT(); - delay(10); + // check connection + uint8_t productType = ams_read_reg(AMS_REG_PRODUCT_TYPE); + if (!productType) + { + printf1(TAG_NFC,"Have no product type. 
Connection error."); + return false; + } + printf1(TAG_NFC,"Product type 0x%02x.", productType); + + // enable tunneling mode and RF configuration + ams_write_reg(AMS_REG_IC_CONF2, AMS_RFCFG_EN | AMS_TUN_MOD); + + ams_read_eeprom_block(AMS_CONFIG_UID_ADDR, block); + printf1(TAG_NFC,"UID: "); dump_hex1(TAG_NFC,block,4); ams_read_eeprom_block(AMS_CONFIG_BLOCK0_ADDR, block); printf1(TAG_NFC,"conf0: "); dump_hex1(TAG_NFC,block,4); - } - ams_read_eeprom_block(AMS_CONFIG_BLOCK1_ADDR, block); - printf1(TAG_NFC,"conf1: "); dump_hex1(TAG_NFC,block,4); + uint8_t sense1 = 0x44; + uint8_t sense2 = 0x00; + uint8_t selr = 0x20; // SAK - uint8_t ic_cfg1 = AMS_CFG1_OUTPUT_RESISTANCE_100 | AMS_CFG1_VOLTAGE_LEVEL_2V0; - uint8_t ic_cfg2 = AMS_CFG2_TUN_MOD; + if(block[0] != sense1 || block[1] != sense2 || block[2] != selr) + { + printf1(TAG_NFC,"Writing config block 0\r\n"); + block[0] = sense1; + block[1] = sense2; + block[2] = selr; + block[3] = 0x00; - if (block[0] != ic_cfg1 || block[1] != ic_cfg2) - { - printf1(TAG_NFC,"Writing config block 1\r\n"); - // set IC_CFG1 - block[0] = ic_cfg1; + ams_write_eeprom_block(AMS_CONFIG_BLOCK0_ADDR, block); + UNSELECT(); + delay(10); + SELECT(); + delay(10); - // set IC_CFG2 - block[1] = ic_cfg2; + ams_read_eeprom_block(AMS_CONFIG_BLOCK0_ADDR, block); + printf1(TAG_NFC,"conf0: "); dump_hex1(TAG_NFC,block,4); + } - // mask interrupt bits - block[2] = 0x80; - block[3] = 0; - - ams_write_eeprom_block(AMS_CONFIG_BLOCK1_ADDR, block); - - UNSELECT(); - delay(10); - SELECT(); - delay(10); - - ams_read_eeprom_block(0x7F, block); + ams_read_eeprom_block(AMS_CONFIG_BLOCK1_ADDR, block); printf1(TAG_NFC,"conf1: "); dump_hex1(TAG_NFC,block,4); + + uint8_t ic_cfg1 = AMS_CFG1_OUTPUT_RESISTANCE_100 | AMS_CFG1_VOLTAGE_LEVEL_2V0; + uint8_t ic_cfg2 = AMS_CFG2_TUN_MOD; + + if (block[0] != ic_cfg1 || block[1] != ic_cfg2) + { + printf1(TAG_NFC,"Writing config block 1\r\n"); + // set IC_CFG1 + block[0] = ic_cfg1; + + // set IC_CFG2 + block[1] = ic_cfg2; + + // mask 
interrupt bits + block[2] = 0x80; + block[3] = 0; + + ams_write_eeprom_block(AMS_CONFIG_BLOCK1_ADDR, block); + + UNSELECT(); + delay(10); + SELECT(); + delay(10); + + ams_read_eeprom_block(0x7F, block); + printf1(TAG_NFC,"conf1: "); dump_hex1(TAG_NFC,block,4); + } } - + return true; } From 4ba57ccc85f3db1384a7d7a9f45d9ac5fc72847d Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 2 Feb 2019 00:23:01 -0500 Subject: [PATCH 32/44] refactor init functions --- targets/stm32l432/bootloader/bootloader.h | 12 +- targets/stm32l432/bootloader/main.c | 23 +- targets/stm32l432/src/init.c | 467 ++++++++++------------ targets/stm32l432/src/init.h | 37 ++ 4 files changed, 276 insertions(+), 263 deletions(-) create mode 100644 targets/stm32l432/src/init.h diff --git a/targets/stm32l432/bootloader/bootloader.h b/targets/stm32l432/bootloader/bootloader.h index 22e5db3..4cd23be 100644 --- a/targets/stm32l432/bootloader/bootloader.h +++ b/targets/stm32l432/bootloader/bootloader.h @@ -1,21 +1,21 @@ /* * Copyright (C) 2018 SoloKeys, Inc. - * + * * This file is part of Solo. - * + * * Solo is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. - * + * * Solo is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with Solo. If not, see - * + * * This code is available under licenses for commercial use. * Please contact SoloKeys for more information. */ @@ -66,7 +66,7 @@ #define SKIP_BUTTON_CHECK_FAST 1 void printing_init(); -void hw_init(void); +void hw_init(int lf); // Trigger software reset void device_reboot(); 
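Review bot: The new `if (1)` guard in ams_init() is always true, so the EEPROM configuration reads and writes still run on every start even though the commit title says they should be skipped when powered by NFC. I would replace the literal with a named condition or parameter that carries the power state, and turn the bare `//` line above it into a comment saying why the block is to be skipped in that mode. The two `// delay(10);` lines after `LL_SPI_Enable(SPI1)` and `SELECT()` should either be deleted or get a comment explaining why the settling delay is no longer needed. ams_init() starts before this hunk.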
diff --git a/targets/stm32l432/bootloader/main.c b/targets/stm32l432/bootloader/main.c index afdc15f..d1325af 100644 --- a/targets/stm32l432/bootloader/main.c +++ b/targets/stm32l432/bootloader/main.c @@ -23,6 +23,9 @@ #include #include +#include "stm32l4xx_ll_rcc.h" +#include "stm32l4xx.h" + #include "cbor.h" #include "device.h" #include "ctaphid.h" @@ -32,9 +35,8 @@ #include "ctap.h" #include "app.h" #include "memory_layout.h" -#include "stm32l4xx_ll_rcc.h" +#include "init.h" -#include "stm32l4xx.h" uint8_t REBOOT_FLAG = 0; @@ -82,7 +84,15 @@ int main(int argc, char * argv[]) TAG_ERR ); - device_init(); + // device_init(); + SystemClock_Config_LF(); + init_gpio(); + init_millisecond_timer(1); + +#if DEBUG_LEVEL > 0 + init_debug_uart(); +#endif + printf1(TAG_GEN,"init device\n"); t1 = millis(); @@ -118,7 +128,14 @@ int main(int argc, char * argv[]) printf1(TAG_RED,"Not authorized to boot (%08x == %08lx)\r\n", AUTH_WORD_ADDR, *(uint32_t*)AUTH_WORD_ADDR); } start_bootloader: + + SystemClock_Config(); + init_gpio(); + init_millisecond_timer(0); + init_pwm(); + init_rng(); usbhid_init(); + printf1(TAG_GEN,"init usb\n"); ctaphid_init(); diff --git a/targets/stm32l432/src/init.c b/targets/stm32l432/src/init.c index 056a7ba..3c33c56 100644 --- a/targets/stm32l432/src/init.c +++ b/targets/stm32l432/src/init.c 
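Review bot: Replacing `device_init()` in the bootloader's main() with the inline `SystemClock_Config_LF(); init_gpio(); init_millisecond_timer(1);` sequence drops the `hw_init()` call, and `hw_init()` in init.c is where `SCB->VTOR = FLASH_BASE` (under `IS_BOOTLOADER`) and `LL_Init()` are executed. If nothing else on the bootloader path does that work, the vector table relocation and NVIC priority setup no longer happen before the authorization check or before `usbhid_init()`. Either call `hw_init(1)` here, or add a comment stating why the bootloader can do without those two steps. The commented-out `// device_init();` should be removed rather than kept, and main() continues outside these hunks.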
@@ -45,31 +45,20 @@ #include "usbd_composite.h" #include "usbd_cdc_if.h" #include "device.h" +#include "init.h" #include APP_CONFIG -/* USER CODE BEGIN Includes */ -/* USER CODE END Includes */ - -/* Private variables ---------------------------------------------------------*/ USBD_HandleTypeDef Solo_USBD_Device; -/* Private function prototypes -----------------------------------------------*/ static void LL_Init(void); -void SystemClock_Config(void); -static void MX_GPIO_Init(void); -static void MX_USART1_UART_Init(void); -static void MX_TIM2_Init(void); -static void MX_TIM6_Init(void); -static void MX_RNG_Init(void); -static void MX_SPI1_Init(void); #define Error_Handler() _Error_Handler(__FILE__,__LINE__) void _Error_Handler(char *file, int line); -void hw_init(void) +void hw_init(int lowfreq) { #ifdef IS_BOOTLOADER SCB->VTOR = FLASH_BASE; @@ -77,25 +66,33 @@ void hw_init(void) #endif LL_Init(); - SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN); + if (lowfreq) + { + SystemClock_Config_LF(); + } + else + { + SystemClock_Config(); + } - SystemClock_Config(); // TODO bootloader should not change clk freq. - MX_GPIO_Init(); - MX_TIM2_Init(); // PWM for LEDs + init_gpio(); - MX_TIM6_Init(); // ~1 ms timer + if (!lowfreq) + { + init_pwm(); + } + + init_millisecond_timer(lowfreq); #if DEBUG_LEVEL > 0 - MX_USART1_UART_Init();// debug uart + init_debug_uart(); #endif - MX_RNG_Init(); - MX_SPI1_Init(); - TIM6->SR = 0; - __enable_irq(); - NVIC_EnableIRQ(TIM6_IRQn); + init_rng(); + init_spi(); + } static void LL_Init(void) 
@@ -122,259 +119,253 @@ static void LL_Init(void) NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); } -static int NFC = 0; + /** * @brief System Clock Configuration * @retval None */ void SystemClock_Config(void) { - if (!NFC) - { + SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN); - LL_FLASH_SetLatency(LL_FLASH_LATENCY_2); + LL_FLASH_SetLatency(LL_FLASH_LATENCY_2); - if(LL_FLASH_GetLatency() != LL_FLASH_LATENCY_2) - { - Error_Handler(); - } - LL_PWR_SetRegulVoltageScaling(LL_PWR_REGU_VOLTAGE_SCALE1); + if(LL_FLASH_GetLatency() != LL_FLASH_LATENCY_2) + { + Error_Handler(); + } + LL_PWR_SetRegulVoltageScaling(LL_PWR_REGU_VOLTAGE_SCALE1); - LL_RCC_HSI48_Enable(); + LL_RCC_HSI48_Enable(); - /* Wait till HSI48 is ready */ - while(LL_RCC_HSI48_IsReady() != 1) - { + /* Wait till HSI48 is ready */ + while(LL_RCC_HSI48_IsReady() != 1) + { - } + } - LL_RCC_LSI_Enable(); + LL_RCC_LSI_Enable(); - /* Wait till LSI is ready */ - while(LL_RCC_LSI_IsReady() != 1) - { + /* Wait till LSI is ready */ + while(LL_RCC_LSI_IsReady() != 1) + { - } - LL_RCC_MSI_Enable(); - /* Wait till MSI is ready */ - while(LL_RCC_MSI_IsReady() != 1) - { + } + LL_RCC_MSI_Enable(); + /* Wait till MSI is ready */ + while(LL_RCC_MSI_IsReady() != 1) + { - } - LL_RCC_MSI_EnableRangeSelection(); + } + LL_RCC_MSI_EnableRangeSelection(); - LL_RCC_MSI_SetRange(LL_RCC_MSIRANGE_11); + LL_RCC_MSI_SetRange(LL_RCC_MSIRANGE_11); - LL_RCC_MSI_SetCalibTrimming(0); + LL_RCC_MSI_SetCalibTrimming(0); - LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_MSI); + LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_MSI); - /* Wait till System clock is ready */ - while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) - { + /* Wait till System clock is ready */ + while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) + { - } - LL_RCC_SetAHBPrescaler(LL_RCC_SYSCLK_DIV_1); + } + LL_RCC_SetAHBPrescaler(LL_RCC_SYSCLK_DIV_1); - LL_RCC_SetAPB1Prescaler(LL_RCC_APB1_DIV_1); + 
LL_RCC_SetAPB1Prescaler(LL_RCC_APB1_DIV_1); - LL_RCC_SetAPB2Prescaler(LL_RCC_APB2_DIV_16); + LL_RCC_SetAPB2Prescaler(LL_RCC_APB2_DIV_16); - LL_Init1msTick(48000000); + LL_Init1msTick(48000000); - LL_SYSTICK_SetClkSource(LL_SYSTICK_CLKSOURCE_HCLK); + LL_SYSTICK_SetClkSource(LL_SYSTICK_CLKSOURCE_HCLK); - LL_SetSystemCoreClock(48000000); + LL_SetSystemCoreClock(48000000); - LL_RCC_SetUSARTClockSource(LL_RCC_USART1_CLKSOURCE_PCLK2); + LL_RCC_SetUSARTClockSource(LL_RCC_USART1_CLKSOURCE_PCLK2); - LL_RCC_SetUSBClockSource(LL_RCC_USB_CLKSOURCE_HSI48); + LL_RCC_SetUSBClockSource(LL_RCC_USB_CLKSOURCE_HSI48); - LL_APB1_GRP1_EnableClock(LL_APB1_GRP1_PERIPH_CRS); + LL_APB1_GRP1_EnableClock(LL_APB1_GRP1_PERIPH_CRS); - LL_APB1_GRP1_ForceReset(LL_APB1_GRP1_PERIPH_CRS); + LL_APB1_GRP1_ForceReset(LL_APB1_GRP1_PERIPH_CRS); - LL_APB1_GRP1_ReleaseReset(LL_APB1_GRP1_PERIPH_CRS); + LL_APB1_GRP1_ReleaseReset(LL_APB1_GRP1_PERIPH_CRS); - LL_CRS_SetSyncDivider(LL_CRS_SYNC_DIV_1); + LL_CRS_SetSyncDivider(LL_CRS_SYNC_DIV_1); - LL_CRS_SetSyncPolarity(LL_CRS_SYNC_POLARITY_RISING); + LL_CRS_SetSyncPolarity(LL_CRS_SYNC_POLARITY_RISING); - LL_CRS_SetSyncSignalSource(LL_CRS_SYNC_SOURCE_USB); + LL_CRS_SetSyncSignalSource(LL_CRS_SYNC_SOURCE_USB); - LL_CRS_SetReloadCounter(__LL_CRS_CALC_CALCULATE_RELOADVALUE(48000000,1000)); + LL_CRS_SetReloadCounter(__LL_CRS_CALC_CALCULATE_RELOADVALUE(48000000,1000)); - LL_CRS_SetFreqErrorLimit(34); + LL_CRS_SetFreqErrorLimit(34); - LL_CRS_SetHSI48SmoothTrimming(32); - - /* SysTick_IRQn interrupt configuration */ - NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); - } - else - { - LL_FLASH_SetLatency(LL_FLASH_LATENCY_0); - - if(LL_FLASH_GetLatency() != LL_FLASH_LATENCY_0) - { - Error_Handler(); - } - LL_PWR_SetRegulVoltageScaling(LL_PWR_REGU_VOLTAGE_SCALE1); - - LL_RCC_LSI_Enable(); - - /* Wait till LSI is ready */ - while(LL_RCC_LSI_IsReady() != 1) - { - - } - LL_RCC_MSI_Enable(); - - /* Wait till MSI is ready */ - 
while(LL_RCC_MSI_IsReady() != 1) - { - - } - LL_RCC_MSI_EnableRangeSelection(); - - LL_RCC_MSI_SetRange(LL_RCC_MSIRANGE_6); - - LL_RCC_MSI_SetCalibTrimming(0); - - LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_MSI); - - /* Wait till System clock is ready */ - while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) - { - - } - LL_RCC_SetAHBPrescaler(LL_RCC_SYSCLK_DIV_1); - - LL_RCC_SetAPB1Prescaler(LL_RCC_APB1_DIV_1); - - LL_RCC_SetAPB2Prescaler(LL_RCC_APB2_DIV_1); - - LL_Init1msTick(4000000); - - LL_SYSTICK_SetClkSource(LL_SYSTICK_CLKSOURCE_HCLK); - - LL_SetSystemCoreClock(4000000); - - LL_RCC_SetUSARTClockSource(LL_RCC_USART1_CLKSOURCE_PCLK2); - - LL_RCC_SetRNGClockSource(LL_RCC_RNG_CLKSOURCE_MSI); - - /* SysTick_IRQn interrupt configuration */ - NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); - } + LL_CRS_SetHSI48SmoothTrimming(32); + /* SysTick_IRQn interrupt configuration */ + NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); } -void usb_init() +void SystemClock_Config_LF(void) { - if (!NFC) + SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN); + + LL_FLASH_SetLatency(LL_FLASH_LATENCY_0); + + if(LL_FLASH_GetLatency() != LL_FLASH_LATENCY_0) { - // enable USB power - SET_BIT(PWR->CR2, PWR_CR2_USV); - - // Enable USB Clock - SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_USBFSEN); - - - USBD_Composite_Set_Classes(&USBD_HID, &USBD_CDC); - in_endpoint_to_class[HID_EPIN_ADDR & 0x7F] = 0; - out_endpoint_to_class[HID_EPOUT_ADDR & 0x7F] = 0; - - in_endpoint_to_class[CDC_IN_EP & 0x7F] = 1; - out_endpoint_to_class[CDC_OUT_EP & 0x7F] = 1; - - USBD_Init(&Solo_USBD_Device, &Solo_Desc, 0); - USBD_RegisterClass(&Solo_USBD_Device, &USBD_Composite); - // USBD_RegisterClass(&Solo_USBD_Device, &USBD_HID); - // - // USBD_RegisterClass(&Solo_USBD_Device, &USBD_CDC); - USBD_CDC_RegisterInterface(&Solo_USBD_Device, &USBD_Interface_fops_FS); - - USBD_Start(&Solo_USBD_Device); + Error_Handler(); } + 
LL_PWR_SetRegulVoltageScaling(LL_PWR_REGU_VOLTAGE_SCALE1); + + LL_RCC_LSI_Enable(); + + /* Wait till LSI is ready */ + while(LL_RCC_LSI_IsReady() != 1) + { + + } + LL_RCC_MSI_Enable(); + + /* Wait till MSI is ready */ + while(LL_RCC_MSI_IsReady() != 1) + { + + } + LL_RCC_MSI_EnableRangeSelection(); + + LL_RCC_MSI_SetRange(LL_RCC_MSIRANGE_6); + + LL_RCC_MSI_SetCalibTrimming(0); + + LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_MSI); + + /* Wait till System clock is ready */ + while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) + { + + } + LL_RCC_SetAHBPrescaler(LL_RCC_SYSCLK_DIV_1); + + LL_RCC_SetAPB1Prescaler(LL_RCC_APB1_DIV_1); + + LL_RCC_SetAPB2Prescaler(LL_RCC_APB2_DIV_1); + + LL_Init1msTick(4000000); + + LL_SYSTICK_SetClkSource(LL_SYSTICK_CLKSOURCE_HCLK); + + LL_SetSystemCoreClock(4000000); + + LL_RCC_SetUSARTClockSource(LL_RCC_USART1_CLKSOURCE_PCLK2); + + LL_RCC_SetRNGClockSource(LL_RCC_RNG_CLKSOURCE_MSI); + + /* SysTick_IRQn interrupt configuration */ + NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); + } -/* TIM2 init function */ -static void MX_TIM2_Init(void) +void init_usb() { - // if(!NFC) - { - LL_TIM_InitTypeDef TIM_InitStruct; - LL_TIM_OC_InitTypeDef TIM_OC_InitStruct; + // enable USB power + SET_BIT(PWR->CR2, PWR_CR2_USV); - LL_GPIO_InitTypeDef GPIO_InitStruct; + // Enable USB Clock + SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_USBFSEN); - /* Peripheral clock enable */ - LL_APB1_GRP1_EnableClock(LL_APB1_GRP1_PERIPH_TIM2); - TIM2->SR = 0 ; + USBD_Composite_Set_Classes(&USBD_HID, &USBD_CDC); + in_endpoint_to_class[HID_EPIN_ADDR & 0x7F] = 0; + out_endpoint_to_class[HID_EPOUT_ADDR & 0x7F] = 0; - TIM_InitStruct.Prescaler = 0; - TIM_InitStruct.CounterMode = LL_TIM_COUNTERMODE_UP; - TIM_InitStruct.Autoreload = 1000; - TIM_InitStruct.ClockDivision = LL_TIM_CLOCKDIVISION_DIV1; - LL_TIM_Init(TIM2, &TIM_InitStruct); + in_endpoint_to_class[CDC_IN_EP & 0x7F] = 1; + out_endpoint_to_class[CDC_OUT_EP & 0x7F] = 1; - 
LL_TIM_EnableARRPreload(TIM2); + USBD_Init(&Solo_USBD_Device, &Solo_Desc, 0); + USBD_RegisterClass(&Solo_USBD_Device, &USBD_Composite); + // USBD_RegisterClass(&Solo_USBD_Device, &USBD_HID); + // + // USBD_RegisterClass(&Solo_USBD_Device, &USBD_CDC); + USBD_CDC_RegisterInterface(&Solo_USBD_Device, &USBD_Interface_fops_FS); - LL_TIM_SetClockSource(TIM2, LL_TIM_CLOCKSOURCE_INTERNAL); + USBD_Start(&Solo_USBD_Device); +} - TIM_OC_InitStruct.OCMode = LL_TIM_OCMODE_PWM1; - TIM_OC_InitStruct.OCState = LL_TIM_OCSTATE_ENABLE; - TIM_OC_InitStruct.OCNState = LL_TIM_OCSTATE_ENABLE; - TIM_OC_InitStruct.CompareValue = 1000; - TIM_OC_InitStruct.OCPolarity = LL_TIM_OCPOLARITY_HIGH; - LL_TIM_OC_Init(TIM2, LL_TIM_CHANNEL_CH2, &TIM_OC_InitStruct); +void init_pwm(void) +{ - LL_TIM_OC_DisableFast(TIM2, LL_TIM_CHANNEL_CH2); + LL_TIM_InitTypeDef TIM_InitStruct; + LL_TIM_OC_InitTypeDef TIM_OC_InitStruct; - TIM_OC_InitStruct.OCState = LL_TIM_OCSTATE_ENABLE; - TIM_OC_InitStruct.OCNState = LL_TIM_OCSTATE_ENABLE; - LL_TIM_OC_Init(TIM2, LL_TIM_CHANNEL_CH3, &TIM_OC_InitStruct); + LL_GPIO_InitTypeDef GPIO_InitStruct; - LL_TIM_OC_DisableFast(TIM2, LL_TIM_CHANNEL_CH3); + /* Peripheral clock enable */ + LL_APB1_GRP1_EnableClock(LL_APB1_GRP1_PERIPH_TIM2); - TIM_OC_InitStruct.OCState = LL_TIM_OCSTATE_ENABLE; - TIM_OC_InitStruct.OCNState = LL_TIM_OCSTATE_ENABLE; - LL_TIM_OC_Init(TIM2, LL_TIM_CHANNEL_CH4, &TIM_OC_InitStruct); + TIM2->SR = 0 ; - LL_TIM_OC_DisableFast(TIM2, LL_TIM_CHANNEL_CH4); + TIM_InitStruct.Prescaler = 0; + TIM_InitStruct.CounterMode = LL_TIM_COUNTERMODE_UP; + TIM_InitStruct.Autoreload = 1000; + TIM_InitStruct.ClockDivision = LL_TIM_CLOCKDIVISION_DIV1; + LL_TIM_Init(TIM2, &TIM_InitStruct); - LL_TIM_SetOCRefClearInputSource(TIM2, LL_TIM_OCREF_CLR_INT_NC); + LL_TIM_EnableARRPreload(TIM2); - LL_TIM_DisableExternalClock(TIM2); + LL_TIM_SetClockSource(TIM2, LL_TIM_CLOCKSOURCE_INTERNAL); - LL_TIM_ConfigETR(TIM2, LL_TIM_ETR_POLARITY_NONINVERTED, LL_TIM_ETR_PRESCALER_DIV1, 
LL_TIM_ETR_FILTER_FDIV1); + TIM_OC_InitStruct.OCMode = LL_TIM_OCMODE_PWM1; + TIM_OC_InitStruct.OCState = LL_TIM_OCSTATE_ENABLE; + TIM_OC_InitStruct.OCNState = LL_TIM_OCSTATE_ENABLE; + TIM_OC_InitStruct.CompareValue = 1000; + TIM_OC_InitStruct.OCPolarity = LL_TIM_OCPOLARITY_HIGH; + LL_TIM_OC_Init(TIM2, LL_TIM_CHANNEL_CH2, &TIM_OC_InitStruct); - LL_TIM_SetTriggerOutput(TIM2, LL_TIM_TRGO_RESET); + LL_TIM_OC_DisableFast(TIM2, LL_TIM_CHANNEL_CH2); - LL_TIM_DisableMasterSlaveMode(TIM2); + TIM_OC_InitStruct.OCState = LL_TIM_OCSTATE_ENABLE; + TIM_OC_InitStruct.OCNState = LL_TIM_OCSTATE_ENABLE; + LL_TIM_OC_Init(TIM2, LL_TIM_CHANNEL_CH3, &TIM_OC_InitStruct); - /**TIM2 GPIO Configuration - PA1 ------> TIM2_CH2 - PA2 ------> TIM2_CH3 - PA3 ------> TIM2_CH4 - */ - GPIO_InitStruct.Pin = LL_GPIO_PIN_1|LL_GPIO_PIN_2|LL_GPIO_PIN_3; - GPIO_InitStruct.Mode = LL_GPIO_MODE_ALTERNATE; - GPIO_InitStruct.Speed = LL_GPIO_SPEED_FREQ_LOW; - GPIO_InitStruct.OutputType = LL_GPIO_OUTPUT_PUSHPULL; - GPIO_InitStruct.Pull = LL_GPIO_PULL_NO; - GPIO_InitStruct.Alternate = LL_GPIO_AF_1; - LL_GPIO_Init(GPIOA, &GPIO_InitStruct); + LL_TIM_OC_DisableFast(TIM2, LL_TIM_CHANNEL_CH3); - LL_TIM_EnableCounter(TIM2); - } + TIM_OC_InitStruct.OCState = LL_TIM_OCSTATE_ENABLE; + TIM_OC_InitStruct.OCNState = LL_TIM_OCSTATE_ENABLE; + LL_TIM_OC_Init(TIM2, LL_TIM_CHANNEL_CH4, &TIM_OC_InitStruct); + + LL_TIM_OC_DisableFast(TIM2, LL_TIM_CHANNEL_CH4); + + LL_TIM_SetOCRefClearInputSource(TIM2, LL_TIM_OCREF_CLR_INT_NC); + + LL_TIM_DisableExternalClock(TIM2); + + LL_TIM_ConfigETR(TIM2, LL_TIM_ETR_POLARITY_NONINVERTED, LL_TIM_ETR_PRESCALER_DIV1, LL_TIM_ETR_FILTER_FDIV1); + + LL_TIM_SetTriggerOutput(TIM2, LL_TIM_TRGO_RESET); + + LL_TIM_DisableMasterSlaveMode(TIM2); + + /**TIM2 GPIO Configuration + PA1 ------> TIM2_CH2 + PA2 ------> TIM2_CH3 + PA3 ------> TIM2_CH4 + */ + GPIO_InitStruct.Pin = LL_GPIO_PIN_1|LL_GPIO_PIN_2|LL_GPIO_PIN_3; + GPIO_InitStruct.Mode = LL_GPIO_MODE_ALTERNATE; + GPIO_InitStruct.Speed = 
LL_GPIO_SPEED_FREQ_LOW; + GPIO_InitStruct.OutputType = LL_GPIO_OUTPUT_PUSHPULL; + GPIO_InitStruct.Pull = LL_GPIO_PULL_NO; + GPIO_InitStruct.Alternate = LL_GPIO_AF_1; + LL_GPIO_Init(GPIOA, &GPIO_InitStruct); + + LL_TIM_EnableCounter(TIM2); } -/* USART1 init function */ -static void MX_USART1_UART_Init(void) +void init_debug_uart(void) { LL_USART_InitTypeDef USART_InitStruct; @@ -411,20 +402,18 @@ static void MX_USART1_UART_Init(void) } -/** Pinout Configuration -*/ -static void MX_GPIO_Init(void) +void init_gpio(void) { /* GPIO Ports Clock Enable */ LL_AHB2_GRP1_EnableClock(LL_AHB2_GRP1_PERIPH_GPIOA); LL_AHB2_GRP1_EnableClock(LL_AHB2_GRP1_PERIPH_GPIOB); + LL_GPIO_SetPinMode(SOLO_BUTTON_PORT,SOLO_BUTTON_PIN,LL_GPIO_MODE_INPUT); + LL_GPIO_SetPinPull(SOLO_BUTTON_PORT,SOLO_BUTTON_PIN,LL_GPIO_PULL_UP); } - -/* TIM6 init function */ -static void MX_TIM6_Init(void) +void init_millisecond_timer(int lf) { LL_TIM_InitTypeDef TIM_InitStruct; @@ -434,7 +423,7 @@ static void MX_TIM6_Init(void) // 48 MHz sys clock --> 6 MHz timer clock // 48 MHz / 48000 == 1000 Hz - if (!NFC) + if (!lf) TIM_InitStruct.Prescaler = 48000; else TIM_InitStruct.Prescaler = 4000; 
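Review bot: SystemClock_Config_LF() switches the RNG clock to the 4 MHz MSI with `LL_RCC_SetRNGClockSource(LL_RCC_RNG_CLKSOURCE_MSI)`, and nothing visible in this hunk confirms that the RNG is healthy at that clock before it is used. Since this firmware presumably draws key material from the peripheral, I would have init_rng() check the clock-error and seed-error status after enabling it (for example `LL_RNG_IsActiveFlag_CECS(RNG)` and `LL_RNG_IsActiveFlag_SECS(RNG)`) and call `Error_Handler()` when either is set. init_rng()'s body lies mostly outside the hunks shown, so this may already be covered there. A short comment above SystemClock_Config_LF() stating the resulting core and RNG clock would also help, because the existing `@brief System Clock Configuration` block now documents only the 48 MHz variant.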
@@ -454,39 +443,14 @@ static void MX_TIM6_Init(void) // Start immediately LL_TIM_EnableCounter(TIM6); + + TIM6->SR = 0; + __enable_irq(); + NVIC_EnableIRQ(TIM6_IRQn); } -/* TIM7 init function */ -// static void MX_TIM7_Init(void) -// { -// -// LL_TIM_InitTypeDef TIM_InitStruct; -// -// /* Peripheral clock enable */ -// LL_APB1_GRP1_EnableClock(LL_APB1_GRP1_PERIPH_TIM7); -// -// // 48 MHz sys clock --> 6 MHz timer clock -// // 6 MHz / 6000 == 1000 Hz -// TIM_InitStruct.Prescaler = 48000; -// TIM_InitStruct.CounterMode = LL_TIM_COUNTERMODE_UP; -// TIM_InitStruct.Autoreload = 0xffff; -// LL_TIM_Init(TIM6, &TIM_InitStruct); -// -// LL_TIM_DisableARRPreload(TIM7); -// -// LL_TIM_SetTriggerOutput(TIM7, LL_TIM_TRGO_RESET); -// -// LL_TIM_DisableMasterSlaveMode(TIM7); -// -// // enable interrupt -// TIM7->DIER |= 1; -// -// // Start immediately -// LL_TIM_EnableCounter(TIM7); -// } -/* RNG init function */ -static void MX_RNG_Init(void) +void init_rng(void) { /* Peripheral clock enable */ @@ -497,7 +461,7 @@ static void MX_RNG_Init(void) } /* SPI1 init function */ -static void MX_SPI1_Init(void) +void init_spi(void) { LL_SPI_InitTypeDef SPI_InitStruct; @@ -527,10 +491,7 @@ static void MX_SPI1_Init(void) SPI_InitStruct.ClockPolarity = LL_SPI_POLARITY_LOW; SPI_InitStruct.ClockPhase = LL_SPI_PHASE_2EDGE; SPI_InitStruct.NSS = LL_SPI_NSS_SOFT; - // if (!NFC) - // SPI_InitStruct.BaudRate = LL_SPI_BAUDRATEPRESCALER_DIV64; - // else - SPI_InitStruct.BaudRate = LL_SPI_BAUDRATEPRESCALER_DIV2; + SPI_InitStruct.BaudRate = LL_SPI_BAUDRATEPRESCALER_DIV2; SPI_InitStruct.BitOrder = LL_SPI_MSB_FIRST; SPI_InitStruct.CRCCalculation = LL_SPI_CRCCALCULATION_DISABLE; SPI_InitStruct.CRCPoly = 7; @@ -538,7 +499,5 @@ static void MX_SPI1_Init(void) LL_SPI_SetStandard(SPI1, LL_SPI_PROTOCOL_MOTOROLA); - // LL_SPI_EnableNSSPulseMgt(SPI1); - } diff --git a/targets/stm32l432/src/init.h b/targets/stm32l432/src/init.h new file mode 100644 index 0000000..1319a1e --- /dev/null 
+++ b/targets/stm32l432/src/init.h @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2018 SoloKeys, Inc. + * + * This file is part of Solo. + * + * Solo is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Solo is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Solo. If not, see + * + * This code is available under licenses for commercial use. + * Please contact SoloKeys for more information. + */ +#ifndef _INIT_H_ +#define _INIT_H_ + +void SystemClock_Config(void); +void SystemClock_Config_LF(void); + +void init_usb(); +void init_gpio(void); +void init_debug_uart(void); +void init_pwm(void); +void init_millisecond_timer(int lf); +void init_rng(void); +void init_spi(void); + + +#endif From 38171dba06ed8d35efca783cd3d7c2c1496283a4 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 2 Feb 2019 00:23:51 -0500 Subject: [PATCH 33/44] low freq init --- targets/stm32l432/src/device.c | 53 +++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 24 deletions(-) diff --git a/targets/stm32l432/src/device.c b/targets/stm32l432/src/device.c index b3fd58f..888a2a6 100644 --- a/targets/stm32l432/src/device.c +++ b/targets/stm32l432/src/device.c 
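Review bot: The new header declares `void init_usb();` with empty parentheses, which in C leaves the parameter list unspecified and turns off argument checking; it should read `void init_usb(void);` like the other prototypes, with the definition in init.c changed to match. The guard name `_INIT_H_` starts with an underscore followed by an uppercase letter, which is reserved for the implementation; `INIT_H` avoids that. `hw_init(int lowfreq)` is defined in init.c but is still declared separately in app.h and bootloader.h as `hw_init(int lf)`, so declaring it once here would keep the prototypes from drifting.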
@@ -43,12 +43,17 @@ #include "stm32l4xx_ll_iwdg.h" #include "usbd_cdc_if.h" #include "nfc.h" +#include "init.h" + +#define LOW_FREQUENCY 1 +#define HIGH_FREQUENCY 0 uint32_t __90_ms = 0; uint32_t __device_status = 0; uint32_t __last_update = 0; extern PCD_HandleTypeDef hpcd; bool haveNFC = false; +bool isLowFreq = 0; #define IS_BUTTON_PRESSED() (0 == (LL_GPIO_ReadInputPort(SOLO_BUTTON_PORT) & SOLO_BUTTON_PIN)) @@ -108,10 +113,8 @@ void device_reboot() } void device_init() { - hw_init(); - - LL_GPIO_SetPinMode(SOLO_BUTTON_PORT,SOLO_BUTTON_PIN,LL_GPIO_MODE_INPUT); - LL_GPIO_SetPinPull(SOLO_BUTTON_PORT,SOLO_BUTTON_PIN,LL_GPIO_PULL_UP); + hw_init(LOW_FREQUENCY); + isLowFreq = 1; #ifndef IS_BOOTLOADER #if BOOT_TO_DFU @@ -121,38 +124,40 @@ void device_init() #endif printf1(TAG_GEN,"init nfc\n"); haveNFC = nfc_init(); - if (haveNFC) - printf1(TAG_GEN,"NFC OK.\n"); - else - printf1(TAG_GEN,"NFC not found.\n"); + // if (haveNFC) + // printf1(TAG_GEN,"NFC OK.\n"); + // else + // printf1(TAG_GEN,"NFC not found.\n"); #endif - printf1(TAG_GEN,"hello solo\r\n"); + // printf1(TAG_GEN,"hello solo\r\n"); } -void usb_init(void); -void usbhid_init() -{ - usb_init(); - -#if DEBUG_LEVEL>1 - wait_for_usb_tether(); -#endif -} - - - void wait_for_usb_tether() { - while (USBD_OK != CDC_Transmit_FS("tethered\r\n", 10) ) + while (USBD_OK != CDC_Transmit_FS((uint8_t*)"tethered\r\n", 10) ) ; - while (USBD_OK != CDC_Transmit_FS("tethered\r\n", 10) ) + while (USBD_OK != CDC_Transmit_FS((uint8_t*)"tethered\r\n", 10) ) ; delay(10); - while (USBD_OK != CDC_Transmit_FS("tethered\r\n", 10) ) + while (USBD_OK != CDC_Transmit_FS((uint8_t*)"tethered\r\n", 10) ) ; } +void usbhid_init() +{ + if (!isLowFreq) + { + init_usb(); + +#if DEBUG_LEVEL>1 + wait_for_usb_tether(); +#endif + } +} + + + int usbhid_recv(uint8_t * msg) { if (fifo_hidmsg_size()) From 3d0d91fa5c2efdc3a3fc42dc8eee79870d261acf Mon Sep 17 00:00:00 2001 
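Review bot: device_init() passes `LOW_FREQUENCY` to `hw_init()` and then sets `isLowFreq = 1` as a separate literal, so the flag that gates `init_usb()` in usbhid_init() can disagree with the clock mode that was actually configured. With both hard-coded to low frequency, usbhid_init() never brings up USB, and the result of `nfc_init()` is no longer reported because the `NFC OK` / `NFC not found` prints are commented out. I would derive both from one value, e.g. `isLowFreq = LOW_FREQUENCY; hw_init(isLowFreq);`, and add a comment on `isLowFreq` saying what is meant to decide it. `isLowFreq` is declared `bool` but initialised with `0`; `false` would match `haveNFC` on the line above.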
From: Conor Patrick Date: Sat, 2 Feb 2019 00:24:11 -0500 Subject: [PATCH 34/44] lf param --- targets/stm32l432/src/app.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/targets/stm32l432/src/app.h b/targets/stm32l432/src/app.h index 6afe0bb..e3f8ee0 100644 --- a/targets/stm32l432/src/app.h +++ b/targets/stm32l432/src/app.h @@ -45,7 +45,7 @@ #define DISABLE_CTAPHID_CBOR void printing_init(); -void hw_init(void); +void hw_init(int lf); //#define TEST //#define TEST_POWER From ee98340a0393195100435717af358144b59e1931 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 2 Feb 2019 00:24:42 -0500 Subject: [PATCH 35/44] temporarily remove prints at start --- fido2/main.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/fido2/main.c b/fido2/main.c index 3849633..27b68a4 100644 --- a/fido2/main.c +++ b/fido2/main.c @@ -41,7 +41,7 @@ int main(int argc, char * argv[]) set_logging_mask( /*0*/ - // TAG_GEN| + TAG_GEN| // TAG_MC | // TAG_GA | // TAG_WALLET | @@ -60,20 +60,20 @@ int main(int argc, char * argv[]) ); device_init(); - printf1(TAG_GEN,"init device\n"); + // printf1(TAG_GEN,"init device\n"); usbhid_init(); - printf1(TAG_GEN,"init usb\n"); + // printf1(TAG_GEN,"init usb\n"); ctaphid_init(); - printf1(TAG_GEN,"init ctaphid\n"); + // printf1(TAG_GEN,"init ctaphid\n"); - ctap_init(); - printf1(TAG_GEN,"init ctap\n"); + // ctap_init(); + // printf1(TAG_GEN,"init ctap\n"); memset(hidmsg,0,sizeof(hidmsg)); - printf1(TAG_GEN,"recv'ing hid msg \n"); + // printf1(TAG_GEN,"recv'ing hid msg \n"); while(1) From ca2074de3674b34e3f79d45174f12bb546195d6d Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 2 Feb 2019 00:25:01 -0500 Subject: [PATCH 36/44] Update Makefile --- targets/stm32l432/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/targets/stm32l432/Makefile b/targets/stm32l432/Makefile index 9df352c..aeae209 100644 --- a/targets/stm32l432/Makefile +++ b/targets/stm32l432/Makefile 
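Review bot: The second hunk of fido2/main.c comments out `ctap_init();` together with the log lines, which is a functional change that the commit title ("temporarily remove prints at start") does not mention. After it, main() enters the `while(1)` message loop without the CTAP layer having been initialised; what `ctap_init()` sets up is not visible here, but it presumably includes the authenticator state that request handling relies on. I would restore the call as `ctap_init();` and leave only the `printf1` lines commented. The first hunk also turns `TAG_GEN` logging on while the messages that used it are disabled, which looks unintended. main() starts and ends outside these hunks.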
@@ -56,8 +56,7 @@ flash_dfu: solo.hex bootloader.hex # STM32_Programmer_CLI -c port=usb1 -halt -e all --readunprotect STM32_Programmer_CLI -c port=usb1 -halt -rdu -d all.hex -flashboot: solo.hex bootloader.hex - $(merge_hex) solo.hex bootloader.hex all.hex +flashboot: STM32_Programmer_CLI -c port=SWD -halt -e all --readunprotect STM32_Programmer_CLI -c port=SWD -halt -d bootloader.hex -rst From 81a89ed6aaa8ce0b8dc572dbef782e3623ada1b1 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Sat, 2 Feb 2019 00:29:32 -0500 Subject: [PATCH 37/44] go back to high freq --- targets/stm32l432/src/device.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/targets/stm32l432/src/device.c b/targets/stm32l432/src/device.c index 888a2a6..8ed047f 100644 --- a/targets/stm32l432/src/device.c +++ b/targets/stm32l432/src/device.c @@ -113,8 +113,8 @@ void device_reboot() } void device_init() { - hw_init(LOW_FREQUENCY); - isLowFreq = 1; + hw_init(HIGH_FREQUENCY); + // isLowFreq = 1; #ifndef IS_BOOTLOADER #if BOOT_TO_DFU From 765d532f82d8bc6bc6310e20c659d68b0a702337 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 6 Feb 2019 17:54:52 -0500 Subject: [PATCH 38/44] add low freq clocking options 4,8,16MHz --- targets/stm32l432/src/init.c | 148 ++++++++++++++++++++++++++++++++++- 1 file changed, 144 insertions(+), 4 deletions(-) diff --git a/targets/stm32l432/src/init.c b/targets/stm32l432/src/init.c index 5185aeb..371e181 100644 --- a/targets/stm32l432/src/init.c +++ b/targets/stm32l432/src/init.c @@ -65,6 +65,7 @@ void hw_init(int lowfreq) #else #endif LL_Init(); + init_gpio(); if (lowfreq) { @@ -76,7 +77,6 @@ void hw_init(int lowfreq) } - init_gpio(); if (!lowfreq) { @@ -85,7 +85,6 @@ void hw_init(int lowfreq) init_millisecond_timer(lowfreq); - #if DEBUG_LEVEL > 0 init_debug_uart(); #endif 
@@ -208,7 +207,7 @@ void SystemClock_Config(void) NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); } -void SystemClock_Config_LF(void) +void SystemClock_Config_LF4(void) { SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN); 
@@ -266,6 +265,130 @@ void SystemClock_Config_LF(void) /* SysTick_IRQn interrupt configuration */ NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); + + +} + +// 8MHz +void SystemClock_Config_LF(void) +{ + SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN); + + LL_FLASH_SetLatency(LL_FLASH_LATENCY_0); + + if(LL_FLASH_GetLatency() != LL_FLASH_LATENCY_0) + { + Error_Handler(); + } + LL_PWR_SetRegulVoltageScaling(LL_PWR_REGU_VOLTAGE_SCALE1); + + LL_RCC_LSI_Enable(); + + /* Wait till LSI is ready */ + // while(LL_RCC_LSI_IsReady() != 1) + // { + // + // } + LL_RCC_MSI_Enable(); + + /* Wait till MSI is ready */ + // while(LL_RCC_MSI_IsReady() != 1) + // { + // + // } + LL_RCC_MSI_EnableRangeSelection(); + + LL_RCC_MSI_SetRange(LL_RCC_MSIRANGE_7); + + LL_RCC_MSI_SetCalibTrimming(0); + + LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_MSI); + + /* Wait till System clock is ready */ + // while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) + // { + // + // } + LL_RCC_SetAHBPrescaler(LL_RCC_SYSCLK_DIV_1); + + LL_RCC_SetAPB1Prescaler(LL_RCC_APB1_DIV_1); + + LL_RCC_SetAPB2Prescaler(LL_RCC_APB2_DIV_1); + + LL_Init1msTick(8000000); + + LL_SYSTICK_SetClkSource(LL_SYSTICK_CLKSOURCE_HCLK); + + LL_SetSystemCoreClock(8000000); + + LL_RCC_SetUSARTClockSource(LL_RCC_USART1_CLKSOURCE_PCLK2); + + LL_RCC_SetRNGClockSource(LL_RCC_RNG_CLKSOURCE_MSI); + + /* SysTick_IRQn interrupt configuration */ + NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); + +} + +// 16MHz +void SystemClock_Config_LF16(void) +{ + SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN); + + LL_FLASH_SetLatency(LL_FLASH_LATENCY_0); + + if(LL_FLASH_GetLatency() != LL_FLASH_LATENCY_0) + { + Error_Handler(); + } + LL_PWR_SetRegulVoltageScaling(LL_PWR_REGU_VOLTAGE_SCALE1); + + LL_RCC_LSI_Enable(); + + /* Wait till LSI is ready */ + while(LL_RCC_LSI_IsReady() != 1) + { + + } + LL_RCC_MSI_Enable(); + + /* Wait till MSI is ready */ + while(LL_RCC_MSI_IsReady() != 
1) + { + + } + LL_RCC_MSI_EnableRangeSelection(); + + LL_RCC_MSI_SetRange(LL_RCC_MSIRANGE_8); + + LL_RCC_MSI_SetCalibTrimming(0); + + LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_MSI); + + /* Wait till System clock is ready */ + while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) + { + + } + LL_RCC_SetAHBPrescaler(LL_RCC_SYSCLK_DIV_1); + + LL_RCC_SetAPB1Prescaler(LL_RCC_APB1_DIV_1); + + LL_RCC_SetAPB2Prescaler(LL_RCC_APB2_DIV_1); + + LL_Init1msTick(16000000); + + LL_SYSTICK_SetClkSource(LL_SYSTICK_CLKSOURCE_HCLK); + + LL_SetSystemCoreClock(16000000); + + LL_RCC_SetUSARTClockSource(LL_RCC_USART1_CLKSOURCE_PCLK2); + + LL_RCC_SetRNGClockSource(LL_RCC_RNG_CLKSOURCE_MSI); + + /* SysTick_IRQn interrupt configuration */ + NVIC_SetPriority(SysTick_IRQn, NVIC_EncodePriority(NVIC_GetPriorityGrouping(),0, 0)); + } void init_usb() @@ -413,8 +536,25 @@ void init_gpio(void) LL_AHB2_GRP1_EnableClock(LL_AHB2_GRP1_PERIPH_GPIOA); LL_AHB2_GRP1_EnableClock(LL_AHB2_GRP1_PERIPH_GPIOB); + + LL_GPIO_SetPinMode(SOLO_BUTTON_PORT,SOLO_BUTTON_PIN,LL_GPIO_MODE_INPUT); LL_GPIO_SetPinPull(SOLO_BUTTON_PORT,SOLO_BUTTON_PIN,LL_GPIO_PULL_UP); + +#ifdef SOLO_AMS_IRQ_PORT + LL_AHB2_GRP1_EnableClock(LL_AHB2_GRP1_PERIPH_GPIOC); + /**/ + LL_GPIO_InitTypeDef GPIO_InitStruct; + GPIO_InitStruct.Pin = SOLO_AMS_IRQ_PIN; + GPIO_InitStruct.Mode = LL_GPIO_MODE_INPUT; + GPIO_InitStruct.Pull = LL_GPIO_PULL_NO; + LL_GPIO_Init(SOLO_AMS_IRQ_PORT, &GPIO_InitStruct); + + + LL_GPIO_SetPinMode(SOLO_AMS_IRQ_PORT,SOLO_AMS_IRQ_PIN,LL_GPIO_MODE_INPUT); + LL_GPIO_SetPinPull(SOLO_AMS_IRQ_PORT,SOLO_AMS_IRQ_PIN,LL_GPIO_PULL_UP); +#endif + } void init_millisecond_timer(int lf) @@ -430,7 +570,7 @@ void init_millisecond_timer(int lf) if (!lf) TIM_InitStruct.Prescaler = 48000; else - TIM_InitStruct.Prescaler = 4000; + TIM_InitStruct.Prescaler = 8000; TIM_InitStruct.CounterMode = LL_TIM_COUNTERMODE_UP; TIM_InitStruct.Autoreload = 90; From 2ed8667f1822221141828804eb9e7fb1803a53fc Mon Sep 17 00:00:00 2001 
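Review bot: The new 8 MHz `SystemClock_Config_LF` has all three readiness polls commented out (`LL_RCC_LSI_IsReady`, `LL_RCC_MSI_IsReady` and the `LL_RCC_GetSysClkSource` check), while `SystemClock_Config_LF16`, added in the same hunk, keeps them. The function then programs the 1 ms tick for 8000000 and selects MSI as the RNG clock without confirming that the switch took effect, and a later patch in this series calls it from `SystemInit` on every boot. Restore at least `while(LL_RCC_MSI_IsReady() != 1) {}` and `while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_MSI) {}`, or replace the commented-out loops with a comment stating why skipping them is safe. The 4, 8 and 16 MHz variants appear to differ only in the MSI range and the frequency constant, so one helper taking those two values would keep them from drifting apart.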
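Review bot: `LL_GPIO_InitTypeDef GPIO_InitStruct;` in the init_gpio hunk is passed to `LL_GPIO_Init` with only `Pin`, `Mode` and `Pull` assigned, so its remaining members hold indeterminate stack values. Declare it as `LL_GPIO_InitTypeDef GPIO_InitStruct = {0};`. The pull configuration is also contradictory: the struct requests `LL_GPIO_PULL_NO` and the next two calls set the same pin to input with `LL_GPIO_PULL_UP`, so keep whichever the AMS IRQ line needs and drop the other. init_gpio begins outside the hunk.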
From: Conor Patrick Date: Wed, 6 Feb 2019 17:55:27 -0500 Subject: [PATCH 39/44] immedately change clock rate to load data sections faster --- targets/stm32l432/src/startup_stm32l432xx.s | 55 +++++++++++---------- targets/stm32l432/src/system_stm32l4xx.c | 3 ++ 2 files changed, 31 insertions(+), 27 deletions(-) diff --git a/targets/stm32l432/src/startup_stm32l432xx.s b/targets/stm32l432/src/startup_stm32l432xx.s index 32d257f..7599702 100644 --- a/targets/stm32l432/src/startup_stm32l432xx.s +++ b/targets/stm32l432/src/startup_stm32l432xx.s @@ -7,7 +7,7 @@ * - Set the initial SP * - Set the initial PC == Reset_Handler, * - Set the vector table entries with the exceptions ISR address, - * - Configure the clock system + * - Configure the clock system * - Branches to main in the C library (which eventually * calls main()). * After Reset the Cortex-M4 processor is in Thread mode, @@ -79,6 +79,8 @@ Reset_Handler: ldr sp, =_estack /* Atollic update: set stack pointer */ /* Copy the data segment initializers from flash to SRAM */ +/* Call the clock system intitialization function.*/ + bl SystemInit movs r1, #0 b LoopCopyDataInit @@ -106,8 +108,7 @@ LoopFillZerobss: cmp r2, r3 bcc FillZerobss -/* Call the clock system intitialization function.*/ - bl SystemInit + /* Call static constructors */ bl __libc_init_array /* Call the application's entry point.*/ @@ -115,7 +116,7 @@ LoopFillZerobss: LoopForever: b LoopForever - + .size Reset_Handler, .-Reset_Handler /** 
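Review bot: `bl SystemInit` now runs before the `.data` copy and the `.bss` fill in Reset_Handler, so C code executes while its globals are uninitialised and anything it stores to a global is overwritten by the loops that follow. With the companion change in system_stm32l4xx.c, SystemInit calls `SystemClock_Config_LF()`, which per the init.c patch calls `LL_Init1msTick(8000000)` and `LL_SetSystemCoreClock(8000000)`; if the latter stores into an initialised global such as `SystemCoreClock`, that value is lost again (inferred, the definitions are not shown). Add a comment at the call, for example `/* SystemInit runs before .data/.bss init: it must not read or write C globals */`. The existing `/* Copy the data segment initializers from flash to SRAM */` comment now sits above the SystemInit call and should move back to directly above `movs r1, #0`; Reset_Handler extends beyond the hunk.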
@@ -414,49 +415,49 @@ g_pfnVectors: .weak COMP_IRQHandler .thumb_set COMP_IRQHandler,Default_Handler - + .weak LPTIM1_IRQHandler .thumb_set LPTIM1_IRQHandler,Default_Handler - + .weak LPTIM2_IRQHandler - .thumb_set LPTIM2_IRQHandler,Default_Handler - + .thumb_set LPTIM2_IRQHandler,Default_Handler + .weak USB_IRQHandler - .thumb_set USB_IRQHandler,Default_Handler - + .thumb_set USB_IRQHandler,Default_Handler + .weak DMA2_Channel6_IRQHandler - .thumb_set DMA2_Channel6_IRQHandler,Default_Handler - + .thumb_set DMA2_Channel6_IRQHandler,Default_Handler + .weak DMA2_Channel7_IRQHandler - .thumb_set DMA2_Channel7_IRQHandler,Default_Handler - + .thumb_set DMA2_Channel7_IRQHandler,Default_Handler + .weak LPUART1_IRQHandler - .thumb_set LPUART1_IRQHandler,Default_Handler - + .thumb_set LPUART1_IRQHandler,Default_Handler + .weak QUADSPI_IRQHandler - .thumb_set QUADSPI_IRQHandler,Default_Handler - + .thumb_set QUADSPI_IRQHandler,Default_Handler + .weak I2C3_EV_IRQHandler - .thumb_set I2C3_EV_IRQHandler,Default_Handler - + .thumb_set I2C3_EV_IRQHandler,Default_Handler + .weak I2C3_ER_IRQHandler - .thumb_set I2C3_ER_IRQHandler,Default_Handler - + .thumb_set I2C3_ER_IRQHandler,Default_Handler + .weak SAI1_IRQHandler .thumb_set SAI1_IRQHandler,Default_Handler - + .weak SWPMI1_IRQHandler .thumb_set SWPMI1_IRQHandler,Default_Handler - + .weak TSC_IRQHandler .thumb_set TSC_IRQHandler,Default_Handler - + .weak RNG_IRQHandler .thumb_set RNG_IRQHandler,Default_Handler - + .weak FPU_IRQHandler .thumb_set FPU_IRQHandler,Default_Handler - + .weak CRS_IRQHandler .thumb_set CRS_IRQHandler,Default_Handler /************************ (C) COPYRIGHT STMicroelectronics *****END OF FILE****/ diff --git a/targets/stm32l432/src/system_stm32l4xx.c b/targets/stm32l432/src/system_stm32l4xx.c index 44f5432..bb12cc3 100644 --- a/targets/stm32l432/src/system_stm32l4xx.c +++ b/targets/stm32l432/src/system_stm32l4xx.c 
@@ -106,6 +106,7 @@ */ #include "stm32l4xx.h" +#include "init.h" #if !defined (HSE_VALUE) #define HSE_VALUE 8000000U /*!< Value of the External oscillator in Hz */ @@ -219,6 +220,8 @@ void SystemInit(void) /* Disable all interrupts */ RCC->CIER = 0x00000000U; + SystemClock_Config_LF(); + } /** From e3971a5e0f524d29c609a9bc98fe49609635592d Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 6 Feb 2019 17:56:53 -0500 Subject: [PATCH 40/44] change ams init, read less regs --- targets/stm32l432/src/ams.c | 47 ++++++++++++++++++++++++------------- targets/stm32l432/src/ams.h | 20 +++++++++++++++- 2 files changed, 50 insertions(+), 17 deletions(-) diff --git a/targets/stm32l432/src/ams.c b/targets/stm32l432/src/ams.c index d52da58..b0ab7d0 100644 --- a/targets/stm32l432/src/ams.c +++ b/targets/stm32l432/src/ams.c @@ -79,27 +79,16 @@ uint8_t ams_read_reg(uint8_t addr) return data; } -// data must be 14 bytes long -void read_reg_block2(AMS_DEVICE * dev) -{ - int i; - - for (i = 0; i < 0x20; i++) - { - dev->buf[i] = ams_read_reg(i); - } -} - // data must be 14 bytes long void read_reg_block(AMS_DEVICE * dev) { int i; - uint8_t mode = 0x20 | (0 ); + uint8_t mode = 0x20 | (4 ); flush_rx(); send_recv(mode); - for (i = 0; i < 0x20; i++) + for (i = 0x04; i < 0x0d; i++) { dev->buf[i] = send_recv(0); } @@ -204,6 +193,30 @@ const char * ams_get_state_string(uint8_t regval) return "STATE_WRONG"; } +int ams_state_is_valid(uint8_t regval) +{ + if (regval & AMS_STATE_INVALID) + { + return 0; + } + switch (regval & AMS_STATE_MASK) + { + case AMS_STATE_OFF: + case AMS_STATE_SENSE: + case AMS_STATE_RESOLUTION: + case AMS_STATE_RESOLUTION_L2: + case AMS_STATE_SELECTED: + case AMS_STATE_SECTOR2: + case AMS_STATE_SECTORX_2: + case AMS_STATE_SELECTEDX: + case AMS_STATE_SENSEX_L2: + case AMS_STATE_SENSEX: + case AMS_STATE_SLEEP: + return 1; + } + return 0; +} + void ams_print_int0(uint8_t int0) { uint32_t tag = (TAG_NFC)|(TAG_NO_TAG); 
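Review bot: `read_reg_block` in ams.c now fills only `dev->buf[0x04]` through `dev->buf[0x0c]` and leaves the rest of the structure untouched. nfc_loop in nfc.c declares `AMS_DEVICE ams;` on the stack and reads several `ams.regs.*` fields, so any field mapped outside that window would be an indeterminate value; the struct layout is not visible here, so this needs checking against it. Clear the structure first with `memset(dev, 0, sizeof *dev);` (assuming `<string.h>` is available in this file) and update the stale `// data must be 14 bytes long` comment. Named constants for the `0x04`/`0x0d` bounds and for the start address in `0x20 | (4 )` would keep the three values in step.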
@@ -252,6 +265,7 @@ void ams_print_int1(uint8_t int0) printf1(tag,"\r\n"); } + bool ams_init() { @@ -270,7 +284,7 @@ bool ams_init() // delay(10); // - if (1) + if (0) { ams_write_command(AMS_CMD_DEFAULT); ams_write_command(AMS_CMD_CLEAR_BUFFER); @@ -287,6 +301,7 @@ bool ams_init() // enable tunneling mode and RF configuration ams_write_reg(AMS_REG_IC_CONF2, AMS_RFCFG_EN | AMS_TUN_MOD); + ams_read_eeprom_block(AMS_CONFIG_UID_ADDR, block); printf1(TAG_NFC,"UID: "); dump_hex1(TAG_NFC,block,4); @@ -295,7 +310,7 @@ bool ams_init() uint8_t sense1 = 0x44; uint8_t sense2 = 0x00; - uint8_t selr = 0x20; // SAK + uint8_t selr = 0x20; // SAK if(block[0] != sense1 || block[1] != sense2 || block[2] != selr) { @@ -318,7 +333,7 @@ bool ams_init() ams_read_eeprom_block(AMS_CONFIG_BLOCK1_ADDR, block); printf1(TAG_NFC,"conf1: "); dump_hex1(TAG_NFC,block,4); - uint8_t ic_cfg1 = AMS_CFG1_OUTPUT_RESISTANCE_100 | AMS_CFG1_VOLTAGE_LEVEL_2V0; + uint8_t ic_cfg1 = AMS_CFG1_OUTPUT_RESISTANCE_100 | AMS_CFG1_VOLTAGE_LEVEL_2V1; uint8_t ic_cfg2 = AMS_CFG2_TUN_MOD; if (block[0] != ic_cfg1 || block[1] != ic_cfg2) diff --git a/targets/stm32l432/src/ams.h b/targets/stm32l432/src/ams.h index ad3b94f..1f2e3a5 100644 --- a/targets/stm32l432/src/ams.h +++ b/targets/stm32l432/src/ams.h @@ -52,6 +52,9 @@ uint8_t ams_read_reg(uint8_t addr); void ams_write_reg(uint8_t addr, uint8_t tx); +const char * ams_get_state_string(uint8_t regval); +int ams_state_is_valid(uint8_t regval); + #define AMS_REG_IO_CONF 0x00 #define AMS_REG_IC_CONF0 0x01 
@@ -70,11 +73,21 @@ void ams_write_reg(uint8_t addr, uint8_t tx); #define AMS_STATE_SELECTED (6 << 3) #define AMS_STATE_SECTOR2 (7 << 3) #define AMS_STATE_SECTORX_2 (0xf << 3) - #define AMS_STATE_SELECTEDX (0xd << 3) + #define AMS_STATE_SELECTEDX (0xe << 3) #define AMS_STATE_SENSEX_L2 (0xa << 3) #define AMS_STATE_SENSEX (0xb << 3) #define AMS_STATE_SLEEP (0x9 << 3) // ... // +#define AMS_REG_MASK_INT0 0x08 + #define AMS_MASK0_PU (1<<7) // power up + #define AMS_MASK0_WU_A (1<<6) // selected INT + #define AMS_MASK0_SLP (1<<5) + #define AMS_MASK0_EEW_RF (1<<4) + #define AMS_MASK0_EER_RF (1<<3) + #define AMS_MASK0_RXE (1<<2) + #define AMS_MASK0_TXE (1<<1) + #define AMS_MASK0_XRF (1<<0) +#define AMS_REG_MASK_INT1 0x09 #define AMS_REG_INT0 0x0a #define AMS_INT_XRF (1<<0) #define AMS_INT_TXE (1<<1) @@ -109,6 +122,11 @@ void ams_write_reg(uint8_t addr, uint8_t tx); #define AMS_CFG1_VOLTAGE_LEVEL_1V9 (0x00<<2) #define AMS_CFG1_VOLTAGE_LEVEL_2V0 (0x01<<2) +#define AMS_CFG1_VOLTAGE_LEVEL_2V1 (0x02<<2) +#define AMS_CFG1_VOLTAGE_LEVEL_2V2 (0x03<<2) +#define AMS_CFG1_VOLTAGE_LEVEL_2V3 (0x04<<2) +#define AMS_CFG1_VOLTAGE_LEVEL_2V4 (0x05<<2) +#define AMS_CFG1_VOLTAGE_LEVEL_2V5 (0x06<<2) #define AMS_CFG1_OUTPUT_RESISTANCE_ZZ 0x00 #define AMS_CFG1_OUTPUT_RESISTANCE_100 0x01 From f470e9a9cd8f39c742a11216563f1d88aa6023b9 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 6 Feb 2019 18:05:22 -0500 Subject: [PATCH 41/44] dont need to init clock at first in bootloader --- targets/stm32l432/bootloader/main.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/targets/stm32l432/bootloader/main.c b/targets/stm32l432/bootloader/main.c index d1325af..2c419a7 100644 --- a/targets/stm32l432/bootloader/main.c +++ b/targets/stm32l432/bootloader/main.c @@ -24,6 +24,7 @@ #include #include "stm32l4xx_ll_rcc.h" +#include "stm32l4xx_ll_gpio.h" #include "stm32l4xx.h" #include "cbor.h" 
@@ -85,8 +86,9 @@ int main(int argc, char * argv[]) ); // device_init(); - SystemClock_Config_LF(); + init_gpio(); + init_millisecond_timer(1); #if DEBUG_LEVEL > 0 From 3005a63938b4bcefafa27d6ca22cb872e32ce5ab Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 6 Feb 2019 18:07:09 -0500 Subject: [PATCH 42/44] re-arrange some logic for better passive operation --- targets/stm32l432/src/app.h | 3 ++ targets/stm32l432/src/device.c | 13 ++++- targets/stm32l432/src/nfc.c | 92 +++++++++++++++++++------------- targets/stm32l432/src/redirect.c | 10 ++-- 4 files changed, 74 insertions(+), 44 deletions(-) diff --git a/targets/stm32l432/src/app.h b/targets/stm32l432/src/app.h index e3f8ee0..b37296b 100644 --- a/targets/stm32l432/src/app.h +++ b/targets/stm32l432/src/app.h @@ -73,6 +73,9 @@ void hw_init(int lf); #define SOLO_AMS_CS_PORT GPIOB #define SOLO_AMS_CS_PIN LL_GPIO_PIN_0 +#define SOLO_AMS_IRQ_PORT GPIOC +#define SOLO_AMS_IRQ_PIN LL_GPIO_PIN_15 + #define SKIP_BUTTON_CHECK_WITH_DELAY 0 #define SKIP_BUTTON_CHECK_FAST 0 diff --git a/targets/stm32l432/src/device.c b/targets/stm32l432/src/device.c index 8ed047f..b0002ad 100644 --- a/targets/stm32l432/src/device.c +++ b/targets/stm32l432/src/device.c @@ -111,11 +111,16 @@ void device_reboot() { NVIC_SystemReset(); } + void device_init() { - hw_init(HIGH_FREQUENCY); + + // hw_init(LOW_FREQUENCY); // isLowFreq = 1; + hw_init(HIGH_FREQUENCY); + isLowFreq = 0; + #ifndef IS_BOOTLOADER #if BOOT_TO_DFU flash_option_bytes_init(1); @@ -153,6 +158,12 @@ void usbhid_init() #if DEBUG_LEVEL>1 wait_for_usb_tether(); #endif + } + else + { + + + } } diff --git a/targets/stm32l432/src/nfc.c b/targets/stm32l432/src/nfc.c index eb07440..2442d38 100644 --- a/targets/stm32l432/src/nfc.c +++ b/targets/stm32l432/src/nfc.c 
@@ -11,10 +11,9 @@ #include "ctap_errors.h" +#define IS_IRQ_ACTIVE() (1 == (LL_GPIO_ReadInputPort(SOLO_AMS_IRQ_PORT) & SOLO_AMS_IRQ_PIN)) // Capability container - - const CAPABILITY_CONTAINER NFC_CC = { .cclen_hi = 0x00, .cclen_lo = 0x0f, .version = 0x20, @@ -26,8 +25,19 @@ const CAPABILITY_CONTAINER NFC_CC = { 0x00,0x00 } }; +// 13 chars uint8_t NDEF_SAMPLE[] = "\x00\x14\xd1\x01\x0eU\x04solokeys.com/"; +#include +void nprintf(const char *format, ...) +{ + memmove((char*)NDEF_SAMPLE + sizeof(NDEF_SAMPLE) - 1 - 13," ", 13); + va_list args; + va_start (args, format); + vsnprintf ((char*)NDEF_SAMPLE + sizeof(NDEF_SAMPLE) - 1 - 13, 13, format, args); + va_end (args); +} + static struct { uint8_t max_frame_size; @@ -225,9 +235,9 @@ void WTX_clear() bool WTX_on(int WTX_time) { WTX_clear(); - + // TODO: start interrupt - + return true; } @@ -236,7 +246,7 @@ bool WTX_process(int read_timeout); bool WTX_off() { // TODO: stop interrupt - + // read data if we sent WTX if (WTX_sent) { @@ -246,7 +256,7 @@ bool WTX_off() if (WTX_fail) return false; - + return true; } @@ -257,7 +267,7 @@ bool WTX_process(int read_timeout) uint8_t wtx[] = {0xf2, 0x01}; if (WTX_fail) return false; - + if (!WTX_sent) { nfc_write_frame(wtx, sizeof(wtx)); @@ -273,16 +283,16 @@ bool WTX_process(int read_timeout) WTX_fail = true; return false; } - + if (len != 2 || data[0] != 0xf2 || data[1] != 0x01) { WTX_fail = true; return false; } - + WTX_sent = false; return true; - } + } } int answer_rats(uint8_t parameter) @@ -315,8 +325,11 @@ int answer_rats(uint8_t parameter) // historical bytes memcpy(&res[3], (uint8_t *)"SoloKey tap", 11); + nfc_write_frame(res, sizeof(res)); ams_wait_for_tx(10); + + return 0; } @@ -420,7 +433,7 @@ void nfc_process_iblock(uint8_t * buf, int len) nfc_write_response(buf[0], SW_INS_INVALID); break; } - + printf1(TAG_NFC, "U2F GetVersion command.\r\n"); nfc_write_response_ex(buf[0], (uint8_t *)"U2F_V2", 6, SW_SUCCESS); 
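Review bot: `IS_IRQ_ACTIVE()` compares the masked port value with `1`, but app.h in this same patch defines `SOLO_AMS_IRQ_PIN` as `LL_GPIO_PIN_15`, so the masked value is either 0 or the bit-15 mask and the macro can never be true. Test for non-zero instead: `#define IS_IRQ_ACTIVE() (0 != (LL_GPIO_ReadInputPort(SOLO_AMS_IRQ_PORT) & SOLO_AMS_IRQ_PIN))`. Whether the line is active-high or active-low is not visible here, so choose the polarity to match the AMS configuration and state it in a comment. The macro is not used in any hunk shown.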
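Review bot: `nprintf` formats debug text into `NDEF_SAMPLE`, the buffer that initially holds the `solokeys.com/` URL record, so in a release build internal timing data would sit in what looks like reader-visible NDEF content; wrap the function and its callers in `#if DEBUG_LEVEL > 0`. The length `13` is repeated by hand in both calls and must match the URL length, so derive it once, e.g. `#define NDEF_TAIL_LEN 13`, and compute the destination pointer once. `memmove` reads 13 bytes from a string literal, which is in bounds only if the literal is at least that long (whitespace is collapsed in this view, so that cannot be confirmed); `memset(dst, ' ', 13)` removes the dependency. The `#include` line above the function shows no header name here and should be checked in the real file.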
@@ -657,49 +670,51 @@ void nfc_process_block(uint8_t * buf, int len) void nfc_loop() { static uint32_t t1 = 0; + static uint32_t t2 = 0; uint8_t buf[32]; AMS_DEVICE ams; int len = 0; - // uint8_t def[] = "\x00\x00\x05\x40\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x14\x02\x01\x00"; - // if (millis() - t1 > interval) if (1) { - t1 = millis(); read_reg_block(&ams); + uint8_t state = AMS_STATE_MASK & ams.regs.rfid_status; - process_int0(ams.regs.int0); + if (state != AMS_STATE_SELECTED && state != AMS_STATE_SELECTEDX) + { + // delay(1); // sleep ? + return; + } - // if (memcmp(def,ams.buf,sizeof(AMS_DEVICE)) != 0) - // { - // printf1(TAG_NFC,"regs: "); dump_hex1(TAG_NFC,ams.buf,sizeof(AMS_DEVICE)); - // } if (ams.regs.rfid_status) { - // uint8_t state = AMS_STATE_MASK & ams.regs.rfid_status; // if (state != AMS_STATE_SENSE) - // printf1(TAG_NFC," %s %d\r\n", ams_get_state_string(ams.regs.rfid_status), millis()); + // printf1(TAG_NFC," %s x%02x\r\n", ams_get_state_string(ams.regs.rfid_status), state); } if (ams.regs.int0 & AMS_INT_INIT) { - // Initialize chip! nfc_state_init(); + t1 = millis(); } if (ams.regs.int1) { // ams_print_int1(ams.regs.int1); } - if (ams.regs.buffer_status2 && (ams.regs.int0 & AMS_INT_RXE)) + + if ((ams.regs.int0 & AMS_INT_RXE)) { - if (ams.regs.buffer_status2 & AMS_BUF_INVALID) + if (ams.regs.buffer_status2) { - printf1(TAG_NFC,"Buffer being updated!\r\n"); - } - else - { - len = ams.regs.buffer_status2 & AMS_BUF_LEN_MASK; - ams_read_buffer(buf, len); + if (ams.regs.buffer_status2 & AMS_BUF_INVALID) + { + printf1(TAG_NFC,"Buffer being updated!\r\n"); + } + else + { + len = ams.regs.buffer_status2 & AMS_BUF_LEN_MASK; + ams_read_buffer(buf, len); + } } } 
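Review bot: `len = ams.regs.buffer_status2 & AMS_BUF_LEN_MASK;` is taken from a chip register and passed straight to `ams_read_buffer(buf, len)` with `uint8_t buf[32]` on the stack. The mask is defined outside this patch, so whether it can exceed 32 is not visible; make the bound explicit with `if (len > (int)sizeof(buf)) len = 0;` before the read, or tie the mask to the buffer size with a static assertion. The new early `return` for states other than SELECTED/SELECTEDX also means the `AMS_INT_INIT` branch that calls `nfc_state_init()` is no longer reached in those states, which deserves a comment confirming it is intended. nfc_loop continues past the hunk.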
@@ -719,12 +734,17 @@ void nfc_loop() printf1(TAG_NFC, "HLTA/Halt\r\n"); break; case NFC_CMD_RATS: - printf1(TAG_NFC,"RATS\r\n"); - t1 = millis(); + t2 = millis(); + answer_rats(buf[1]); + nprintf("R:%x-%x:%d:%d",firstbuf[0],firstbuf[1],t2-t1,inits); + /// + LL_GPIO_SetOutputPin(GPIOA,LL_GPIO_PIN_12); + /// + NFC_STATE.block_num = 1; - clear_ibuf(); - WTX_clear(); + clear_ibuf(); + WTX_clear(); printf1(TAG_NFC,"RATS answered %d (took %d)\r\n",millis(), millis() - t1); break; default: @@ -736,10 +756,8 @@ void nfc_loop() break; } - - } + } - } diff --git a/targets/stm32l432/src/redirect.c b/targets/stm32l432/src/redirect.c index d3d5e5d..12e47b5 100644 --- a/targets/stm32l432/src/redirect.c +++ b/targets/stm32l432/src/redirect.c @@ -37,18 +37,16 @@ void _putchar(char c) LL_USART_TransmitData8(DEBUG_UART,c); #endif } -static int NFC = 0; int _write (int fd, const void *buf, long int len) { uint8_t * data = (uint8_t *) buf; - if (!NFC) - { - // Send out USB serial - CDC_Transmit_FS(data, len); - } + + // Send out USB serial + CDC_Transmit_FS(data, len); + // Send out UART serial while(len--) From c624a32ef693f76ae29d3e9c18367e47a08d5fc9 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 6 Feb 2019 18:07:38 -0500 Subject: [PATCH 43/44] default 8 thread build --- targets/stm32l432/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/targets/stm32l432/Makefile b/targets/stm32l432/Makefile index aeae209..b4be621 100644 --- a/targets/stm32l432/Makefile +++ b/targets/stm32l432/Makefile @@ -8,7 +8,7 @@ all: $(MAKE) -f application.mk -j8 solo.hex PREFIX=$(PREFIX) DEBUG=$(DEBUG) EXTRA_DEFINES='-DFLASH_ROP=1' all-hacker: - $(MAKE) -f application.mk solo.hex PREFIX=$(PREFIX) DEBUG=$(DEBUG) EXTRA_DEFINES='-DSOLO_HACKER -DFLASH_ROP=0' + $(MAKE) -f application.mk -j8 solo.hex PREFIX=$(PREFIX) DEBUG=$(DEBUG) EXTRA_DEFINES='-DSOLO_HACKER -DFLASH_ROP=0' all-locked: $(MAKE) -f application.mk -j8 solo.hex PREFIX=$(PREFIX) EXTRA_DEFINES='-DFLASH_ROP=2' 
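Review bot: The RATS branch now carries bring-up instrumentation with no explanation: `nprintf(...)` writes timing into the NDEF buffer and `LL_GPIO_SetOutputPin(GPIOA,LL_GPIO_PIN_12)` drives a pin between bare `///` markers. `firstbuf` and `inits` are not declared in any hunk shown (the next patch in the series replaces the call with `nprintf("R:%d",t2-t1)`), and `t2-t1` is a `uint32_t` passed for `%d`. Guard both statements with `#if DEBUG_LEVEL > 0` and add a comment saying what the pin signals. On this MCU family PA12 is normally the USB D+ line, so confirm the write cannot disturb USB when the device is tethered. nfc_loop begins and ends outside the hunk.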
@@ -45,7 +45,6 @@ clean2: $(MAKE) -f application.mk clean $(MAKE) -f bootloader.mk clean - flash: solo.hex bootloader.hex $(merge_hex) solo.hex bootloader.hex all.hex STM32_Programmer_CLI -c port=SWD -halt -e all --readunprotect From 587c9aad1488c54eca0bb305a65ba5b80484405d Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Wed, 6 Feb 2019 18:09:53 -0500 Subject: [PATCH 44/44] refactor --- targets/stm32l432/src/nfc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/targets/stm32l432/src/nfc.c b/targets/stm32l432/src/nfc.c index 2442d38..53c77e2 100644 --- a/targets/stm32l432/src/nfc.c +++ b/targets/stm32l432/src/nfc.c @@ -28,6 +28,7 @@ const CAPABILITY_CONTAINER NFC_CC = { // 13 chars uint8_t NDEF_SAMPLE[] = "\x00\x14\xd1\x01\x0eU\x04solokeys.com/"; +// Poor way to get some info while in passive operation #include void nprintf(const char *format, ...) { @@ -737,7 +738,7 @@ void nfc_loop() t2 = millis(); answer_rats(buf[1]); - nprintf("R:%x-%x:%d:%d",firstbuf[0],firstbuf[1],t2-t1,inits); + nprintf("R:%d",t2-t1); /// LL_GPIO_SetOutputPin(GPIOA,LL_GPIO_PIN_12); ///